diff --git a/security.c b/security.c
index 9cb70ab0e..a801005b9 100644
--- a/security.c
+++ b/security.c
@@ -36,6 +36,10 @@ int restrict_uid(unsigned int uid, unsigned int gid)
 	cr_uid = uid;
 	cr_gid = gid;
 
+	/* skip obtaining additional groups for root, as they don't matter */
+	if (cr_uid == 0 && cr_gid == 0)
+		return 0;
+
 	pwd = getpwuid(uid);
 	if (!pwd) {
 		pr_perror("Can't get password file entry");