Add setgroups(2) to macOS/Apple targets

[kpcyrd]

What does this PR do

This is related to #2069 and kpcyrd/acme-redirect#50, the setgroups api definitely exists, but it's currently not available in nix for that target, causing compile errors with some projects.

• https://developer.apple.com/library/archive/documentation/System/Conceptual/ManPages_iPhoneOS/man2/setgroups.2.html#//apple_ref/doc/man/2/setgroups
• https://keith.github.io/xcode-man-pages/setgroups.2.html
• https://docs.python.org/3/library/os.html#os.setgroups
• https://docs.python.org/3/library/os.html#os.getgroups

The nix commit had some information that was likely not accurate:

"Note: This function is not available for Apple platforms. On those platforms, group membership management should be achieved via communication with the opendirectoryd service."

Quoting from @Elizafox in #2069 (which I believe to be correct):

This is erroneous for this function. OpenDirectory is just for querying the directory. It cannot manage the groups of the process.

Checklist:

• I have read CONTRIBUTING.md
• I have written necessary tests and rustdoc comments
• A change log has been added if this PR modifies nix's API

[kpcyrd]

The test failures seem to be related to Linux kernel exploit mitigations (the FreeBSD one I don't know though).

[SteveLauC]

The test failures seem to be related to Linux kernel exploit mitigations (the FreeBSD one I don't know though).

They are unrelated, don't worry about them.

Update: you can rebase your branch after #2796 is merged.

[SteveLauC]

Maybe we should also add the other two functions as well:

• initgroups
• getgroups

I previously had concerns about the weird semantics of getgtoups, but that does not really bother me anymore since Nix is ultimately just a bindings crate.

[SteveLauC]

This comment should be updated if we expose it on apple targets.

[SteveLauC]

A changelog entry is needed, see https://github.com/nix-rust/nix/blob/master/CONTRIBUTING.md#pull-requests.