In batch mode, set groups to group membership of target user.

Previously, group list was cleared during privilege de-escalation. This causes
profiles scripts to be run as the local user with an empty group list. This can
cause issues when, eg, the 'video' group is required for backlight control,
and the user is trying to invoke xbacklight from postswitch.sh.

diff --git a/autorandr.py b/autorandr.py
index 535ec31f6005a4a2f6190b5c7c6e52cdc10eb8ef..a2c6f8274e17c7782e95375419a848254b5e1010 100755 (executable)
--- a/autorandr.py
+++ b/autorandr.py
@@ -1101,7 +1101,7 @@ def dispatch_call_to_sessions(argv):
             # so it should be safe. Also, note that since the environment
             # is taken from a process owned by the user, reusing it should
             # not leak any information.
-            os.setgroups([])
+            os.setgroups(os.getgrouplist(pwent.pw_name, pwent.pw_gid))
             os.setresgid(pwent.pw_gid, pwent.pw_gid, pwent.pw_gid)
             os.setresuid(pwent.pw_uid, pwent.pw_uid, pwent.pw_uid)
             os.chdir(pwent.pw_dir)