The s6-setuidgid program
s6-setuidgid executes a program as another user.
s6-setuidgid account prog...
- If account contains a colon, it is interpreted as uid:gid,
else it is interpreted as a username and looked up by name in the account
- If account is unknown, s6-setuidgid exits 1.
- s6-setuidgid sets its (real and effective) uid and gid to those of account.
It also sets the list of supplementary groups to the correct one for account
according to the group database.
- Then it executes into prog....
s6-setuidgid can only be run as root. Its main use is to drop root privileges before
starting a daemon.