+ /*
+ * If we don't own the file, are trying to change the owner
+ * of the file, or are not a member of the target group,
+ * the caller must be superuser or the call fails.
+ */
+ if ((u.u_uid != ip->i_uid || uid != ip->i_uid ||
+ !groupmember((gid_t)gid)) &&
+ (u.u_error = suser(u.u_cred, &u.u_acflag)))
+ return (u.u_error);