From a62acf1715e8baa7737a7b5a490207294951825e Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Feb 15 2012 06:12:44 +0000
Subject: - also drop primary GID


---

diff --git a/src/postsave.c b/src/postsave.c
index 0deda5a..e188eb5 100644
--- a/src/postsave.c
+++ b/src/postsave.c
@@ -74,6 +74,14 @@ cm_postsave_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 			return -1;
 		}
 	}
+	if (setregid(pwd->pw_gid, pwd->pw_gid) == -1) {
+		cm_log(1, "Error on setregid(%lu,%lu,%lu): %s.\n",
+		       (unsigned long) pwd->pw_gid,
+		       (unsigned long) pwd->pw_gid,
+		       (unsigned long) pwd->pw_gid,
+		       strerror(errno));
+		return -1;
+	}
 	if (setreuid(pwd->pw_uid, pwd->pw_uid) == -1) {
 		cm_log(1, "Error on setreuid(%lu,%lu,%lu): %s.\n",
 		       (unsigned long) pwd->pw_uid,