Additional group memberships for argusd user

[Sebastian.Kayser at bifab.de]

Hi all,

we have some logfiles on our argus host which belong to root
and to the group logadm (permissions 640). These logfiles
should be monitored by argus. 

In order to permit argus to read these logfiles we added the argusd user 
(argus) to the group logadm and restartet argusd. Still argus 
(specifically our check scripts triggered by argus) was not able to read 
those files (permission denied). When i log in via the argus account and 
start our bash-scripts used for the checking manually everythings works 
fine.

I added some debugging in our check scripts to see what is going on when 
the scripts are triggered by argusd

"id" returns: 
uid=1000(argus) gid=102(argus) Gruppen=0(root)

"groups" returns:
argus root

On the CLI these commands return

argus at murphy:~$ id
uid=1000(argus) gid=102(argus) groups=102(argus),113(logadm)
argus at murphy:~$ groups
argus logadm

Why does our script run via argusd think argus belongs to the additional 
group root and not to the group logadm? And why then do the permission not 
suffice (as root should be able to read anything)?

Any idea on this? In fact i just want argusd to run as a user who belongs 
to multiple groups and thus inherits broader permission in order to run 
his checks.

Cheers,

Sebastian