instance: handle setgid() before setuid()

instance: handle setgid() before setuid()

When attempting to run a service with an unprivileged user and group
id procd, the following error might occur:

	procd: failed to set uid:1000, gid:1000

This is due to the fact that procd first performs the setuid(), then
the setgid() call.

Usually there no sufficient permissions after a setuid() anymore to
change the effective group id of the process.

Refactor the code to:

  * Swap the invocations (first gid, then uid)
  * Don't set user or group id if it is 0
  * Handle errors independently and make them more verbose

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>