From 9d0381f17404d2dfd83819002792253b94fdef05 Mon Sep 17 00:00:00 2001
From: Loraine Gueguen
Date: Wed, 17 May 2023 00:46:44 +0200
Subject: [PATCH 1/5] add one supplementary group which the user is also a member of
---
 README.md | 2 ++
 scripts/pre-launch.d/08script_user | 8 +++++++-
 2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index f50626f..f6da1ab 100644
--- a/README.md
+++ b/README.md
@@ -54,4 +54,6 @@ UID: the uid of the user
 GID: the gid of the user
 RUN_USER: the username of the user
 RUN_GROUP: the group of the user
+OTHER_GID: a supplementary gid which the user is also a member of
+OTHER_RUN_GROUP: a supplementary group which the user is also a member of
 ```
diff --git a/scripts/pre-launch.d/08script_user b/scripts/pre-launch.d/08script_user
index c95d49f..6ac7968 100755
--- a/scripts/pre-launch.d/08script_user
+++ b/scripts/pre-launch.d/08script_user
@@ -3,7 +3,13 @@ if [ -n "$GID" ]; then
 getent group $RUN_GROUP &> /dev/null || groupadd $GIDoption $RUN_GROUP
 fi
+$otherGIDoption=""
+if [ -n "$OTHER_GID" ]; then
+ $otherGIDoption="--groups $OTHER_GID"
+ getent group $OTHER_RUN_GROUP &> /dev/null || groupadd --gid $OTHER_GID $OTHER_RUN_GROUP
+fi
+
 if [ -n "$UID" ]; then
 UIDoption="--uid $UID"
- id -u $RUN_USER &> /dev/null || useradd -d /tmp/$RUN_USER --create-home --no-user-group $UIDoption $GIDoption $RUN_USER
+ id -u $RUN_USER &> /dev/null || useradd -d /tmp/$RUN_USER --create-home --no-user-group $UIDoption $GIDoption $otherGIDoption $RUN_USER
 fi
From 46b01806293144b93a975bffa891266974a93843 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Loraine=20Brillet-Gu=C3=A9guen?=
Date: Wed, 17 May 2023 22:12:40 +0200
Subject: [PATCH 2/5] Apply suggestions from code review
Co-authored-by: mboudet
Co-authored-by: Anthony Bretaudeau
---
 scripts/pre-launch.d/08script_user | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
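Review bot: `OTHER_GID` and `OTHER_RUN_GROUP` come from the container environment and reach `groupadd` and `useradd` unquoted and unvalidated in the added lines, so a value containing whitespace or a leading `-` is split into extra arguments or parsed as an option by tools that presumably run as root here. Validate before use, e.g. `case "$OTHER_GID" in ''|*[!0-9]*) echo "OTHER_GID must be numeric" >&2; exit 1;; esac`, quote the expansions (`groupadd --gid "$OTHER_GID" "$OTHER_RUN_GROUP"`), and build the optional `useradd` arguments in an array instead of a string that relies on word splitting. The same unquoted pattern recurs in the script hunks of patches 2 to 5. The surrounding `if [ -n "$GID" ]` and `if [ -n "$UID" ]` blocks start or end outside the hunk, so how `GID` and `RUN_GROUP` are handled is not fully visible here.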
diff --git a/scripts/pre-launch.d/08script_user b/scripts/pre-launch.d/08script_user
index 6ac7968..0ec908f 100755
--- a/scripts/pre-launch.d/08script_user
+++ b/scripts/pre-launch.d/08script_user
@@ -3,10 +3,9 @@ if [ -n "$GID" ]; then
 getent group $RUN_GROUP &> /dev/null || groupadd $GIDoption $RUN_GROUP
 fi
-$otherGIDoption=""
 if [ -n "$OTHER_GID" ]; then
- $otherGIDoption="--groups $OTHER_GID"
- getent group $OTHER_RUN_GROUP &> /dev/null || groupadd --gid $OTHER_GID $OTHER_RUN_GROUP
+ otherGIDoption="--groups $OTHER_GID"
+ getent group $OTHER_RUN_GROUP &> /dev/null || groupadd --gid $OTHER_GID $OTHER_RUN_GROUP
 fi
 if [ -n "$UID" ]; then
From 63c990b5a3424be8d61a5717fcf5385663c7ac79 Mon Sep 17 00:00:00 2001
From: Loraine Gueguen
Date: Wed, 17 May 2023 23:08:22 +0200
Subject: [PATCH 3/5] add a list of supplementary groups
---
 README.md | 4 ++--
 scripts/pre-launch.d/08script_user | 11 +++++++++--
 2 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index f6da1ab..78eb626 100644
--- a/README.md
+++ b/README.md
@@ -54,6 +54,6 @@ UID: the uid of the user
 GID: the gid of the user
 RUN_USER: the username of the user
 RUN_GROUP: the group of the user
-OTHER_GID: a supplementary gid which the user is also a member of
-OTHER_RUN_GROUP: a supplementary group which the user is also a member of
+OTHER_GID: list of supplementary gid (comma separated) which the user is also a member of
+OTHER_RUN_GROUP: list of supplementary group (comma separated) which the user is also a member of. The order must match the order used for OTHER_GID.
 ```
diff --git a/scripts/pre-launch.d/08script_user b/scripts/pre-launch.d/08script_user
index 0ec908f..04c8045 100755
--- a/scripts/pre-launch.d/08script_user
+++ b/scripts/pre-launch.d/08script_user
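Review bot: The guard on the supplementary-group block in patch 2 tests only `OTHER_GID`, so when `OTHER_RUN_GROUP` is unset the unquoted `getent group $OTHER_RUN_GROUP` runs with no key. `getent` then enumerates the whole database and normally exits 0, `groupadd` is skipped, and `useradd` later receives `--groups $OTHER_GID` for a group that was never created. Require both values, e.g. `if [ -n "$OTHER_GID" ] && [ -n "$OTHER_RUN_GROUP" ]; then`, and report the half-configured case on stderr rather than continuing silently. The `useradd` call that consumes `otherGIDoption` lies outside this hunk.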
@@ -4,8 +4,15 @@ if [ -n "$GID" ]; then
 fi
 if [ -n "$OTHER_GID" ]; then
- otherGIDoption="--groups $OTHER_GID"
- getent group $OTHER_RUN_GROUP &> /dev/null || groupadd --gid $OTHER_GID $OTHER_RUN_GROUP
+ IFS=',' read -ra OTHER_GID_ARRAY <<< "$OTHER_GID"
+ IFS=',' read -ra OTHER_RUN_GROUP_ARRAY <<< "$OTHER_RUN_GROUP"
+ length=${#OTHER_GID_ARRAY[@]}
+ GROUPS="--groups "
+ for (( i=0; i<$length; i++ )); do
+ getent group $OTHER_RUN_GROUP_ARRAY[i] &> /dev/null || groupadd --gid $OTHER_GID_ARRAY[i] $OTHER_RUN_GROUP_ARRAY[i]
+ GROUPS+="$OTHER_GID_ARRAY[i],"
+ done
+ otherGIDoption=${GROUPS::-1}
 fi
 if [ -n "$UID" ]; then
From 727c79f489e03a5673a5a764fe0bafd23cc84dbb Mon Sep 17 00:00:00 2001
From: Loraine Gueguen
Date: Mon, 22 May 2023 11:54:01 +0200
Subject: [PATCH 4/5] fix array variables
---
 scripts/pre-launch.d/08script_user | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/scripts/pre-launch.d/08script_user b/scripts/pre-launch.d/08script_user
index 04c8045..dd82e1a 100755
--- a/scripts/pre-launch.d/08script_user
+++ b/scripts/pre-launch.d/08script_user
@@ -9,8 +9,8 @@ if [ -n "$OTHER_GID" ]; then
 length=${#OTHER_GID_ARRAY[@]}
 GROUPS="--groups "
 for (( i=0; i<$length; i++ )); do
- getent group $OTHER_RUN_GROUP_ARRAY[i] &> /dev/null || groupadd --gid $OTHER_GID_ARRAY[i] $OTHER_RUN_GROUP_ARRAY[i]
- GROUPS+="$OTHER_GID_ARRAY[i],"
+ getent group ${OTHER_RUN_GROUP_ARRAY[i]} &> /dev/null || groupadd --gid ${OTHER_GID_ARRAY[i]} ${OTHER_RUN_GROUP_ARRAY[i]}
+ GROUPS+="${OTHER_GID_ARRAY[i]},"
 done
 otherGIDoption=${GROUPS::-1}
 fi
From 820ff01c1b8d2739a15e8e2b796f69c05eb729ae Mon Sep 17 00:00:00 2001
From: Loraine Gueguen
Date: Mon, 22 May 2023 12:24:40 +0200
Subject: [PATCH 5/5] fix groups variable
---
 scripts/pre-launch.d/08script_user | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/scripts/pre-launch.d/08script_user b/scripts/pre-launch.d/08script_user
index dd82e1a..c390707 100755
--- a/scripts/pre-launch.d/08script_user
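Review bot: The loop added in patch 3 is bounded by the number of entries in `OTHER_GID` alone, and nothing checks that `OTHER_RUN_GROUP` holds the same number of names, although the README change in the same patch requires the two lists to match. For any gid without a matching name there is nothing valid to look up or create, yet the gid is still appended to the `--groups` list. Compare the lengths right after the two `read -ra` lines and stop on a mismatch: `[ "${#OTHER_GID_ARRAY[@]}" -eq "${#OTHER_RUN_GROUP_ARRAY[@]}" ] || { echo "OTHER_GID and OTHER_RUN_GROUP must have the same number of entries" >&2; exit 1; }`. Whether `exit` is the right way to fail depends on how the pre-launch scripts are invoked, which is not visible here.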
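Review bot: The existence test on the rewritten `getent`/`groupadd` line in patch 4 is keyed on the group name while membership is granted by gid, and the exit status of `groupadd` is ignored. If the name already exists with a different gid, or `groupadd --gid` fails because the gid is already taken by another group in the image, `${OTHER_GID_ARRAY[i]}` is still appended, so the user either joins whichever existing group owns that gid or `useradd` fails on an unknown gid. Check the gid as well, for instance with `getent group "${OTHER_GID_ARRAY[i]}"`, compare the name it returns with the requested one, and skip or abort when `groupadd` returns non-zero. The loop header's enclosing `if` and the `useradd` call that uses the result are outside this hunk.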
+++ b/scripts/pre-launch.d/08script_user
@@ -7,12 +7,12 @@ if [ -n "$OTHER_GID" ]; then
 IFS=',' read -ra OTHER_GID_ARRAY <<< "$OTHER_GID"
 IFS=',' read -ra OTHER_RUN_GROUP_ARRAY <<< "$OTHER_RUN_GROUP"
 length=${#OTHER_GID_ARRAY[@]}
- GROUPS="--groups "
+ groups="--groups "
 for (( i=0; i<$length; i++ )); do
 getent group ${OTHER_RUN_GROUP_ARRAY[i]} &> /dev/null || groupadd --gid ${OTHER_GID_ARRAY[i]} ${OTHER_RUN_GROUP_ARRAY[i]}
- GROUPS+="${OTHER_GID_ARRAY[i]},"
+ groups+="${OTHER_GID_ARRAY[i]},"
 done
- otherGIDoption=${GROUPS::-1}
+ otherGIDoption=${groups::-1}
 fi
 if [ -n "$UID" ]; then