eam/gist:3420882

## gistfile1.rb

require 'etc'

def run_as(user)
  pw = Etc.getpwnam(user)

  orig_uid = Process.euid
  orig_gid = Process.egid
  orig_groups = Process.groups
  begin
    Process::Sys.setregid(pw.gid, -1)
    Process::Sys.setresgid(-1, pw.gid, -1)
    Process.initgroups(user, pw.gid)

    Process::Sys.setreuid(pw.uid, -1)
    Process::Sys.setresuid(-1, pw.uid, -1)

    yield
  ensure
    Process::Sys.setresuid(-1, orig_uid, -1)
    Process::Sys.setreuid(orig_uid, -1)
    Process.groups = orig_groups
    Process::Sys.setresgid(-1, orig_gid, -1)
    Process::Sys.setregid(orig_gid, -1)
  end
end

if __FILE__ == $0
  print "Starting up as:   "
  system "id"
  begin
    run_as(ARGV.first) {
      print "inside block as:  "
      system "id"
      raise
    }
  ensure
    print "outside block as: "
    system "id"
  end
end

	require 'etc'

	def run_as(user)
	pw = Etc.getpwnam(user)

	orig_uid = Process.euid
	orig_gid = Process.egid
	orig_groups = Process.groups
	begin
	Process::Sys.setregid(pw.gid, -1)
	Process::Sys.setresgid(-1, pw.gid, -1)
	Process.initgroups(user, pw.gid)

	Process::Sys.setreuid(pw.uid, -1)
	Process::Sys.setresuid(-1, pw.uid, -1)

	yield
	ensure
	Process::Sys.setresuid(-1, orig_uid, -1)
	Process::Sys.setreuid(orig_uid, -1)
	Process.groups = orig_groups
	Process::Sys.setresgid(-1, orig_gid, -1)
	Process::Sys.setregid(orig_gid, -1)
	end
	end

	if __FILE__ == $0
	print "Starting up as: "
	system "id"
	begin
	run_as(ARGV.first) {
	print "inside block as: "
	system "id"
	raise
	}
	ensure
	print "outside block as: "
	system "id"
	end
	end