In a unix environment it is usefull to be able to determine what group a user is in when limiting access to certain functions, commands, or programs. The problem, however, is that the normal getgid() and getegid() functions only return the primary group a person is a member of. This creates difficulties if you want to add people to a group to give them special priveledges while still running the same programs.

To solve this problem, the getgroups(int gidsetlen, gid_t *gidset) function is needed. The code below shows how to use this. Currently the example will set access = to 1 for anyone in group 0 (wheel) or leave access as zero for everyone else. It is set to check a maximum of 5 groups.

By changing the #defines you can easily make this code search for any group, and make it check more or less groups that a user is a member of, depending on how your system is setup.

     #include <sys/types.h>
     #include <unistd.h>
     /* Group to search for, and max groups to look at *
      * with the user                                  */
     #define GROUP 0
     #define MAX_GROUPS 5

     gid_t gidset[MAX_GROUPS];
     int groups;
     int i;
     int access=0

     /* Get the groups, then loop through to see if  *
      * desired group is present                     */
     groups = getgroups(MAX_GROUPS, gidset);
     for (i=0; i<=groups-1; i++)
          if (gidset[i]==GROUP) access=1;

     /* Also check if desired group is primary group  *
      * (then it doesn't show in getgroups)           */
     if (getegid()==GROUP) access=1;

Log in or register to write something here or to contact authors.