Restore staprun's support for REAL_UID/GID

This is needed for run-stap so that stapio and all child processes can
run as the originally invoking user instead of root.

1 files changed, 14 insertions, 1 deletions

diff --git a/runtime/staprun/staprun_funcs.c b/runtime/staprun/staprun_funcs.c
index 8da7e7e8..781bb999 100644
--- a/runtime/staprun/staprun_funcs.c
+++ b/runtime/staprun/staprun_funcs.c
@@ -459,8 +459,21 @@ int check_permissions(void)
 #endif
 
 	/* If we're root, we can do anything. */
-	if (getuid() == 0)
+	if (getuid() == 0) {
+		/* ... like overriding the real UID */
+		const char *env_id = getenv("SYSTEMTAP_REAL_UID");
+		if (env_id && setreuid(atoi(env_id), -1))
+			err("WARNING: couldn't set staprun UID to '%s': %s",
+					env_id, strerror(errno));
+
+		/* ... or overriding the real GID */
+		env_id = getenv("SYSTEMTAP_REAL_GID");
+		if (env_id && setregid(atoi(env_id), -1))
+			err("WARNING: couldn't set staprun GID to '%s': %s",
+					env_id, strerror(errno));
+
 		return 1;
+	}
 
 	/* Check permissions for group membership.  */
 	check_groups_rc = check_groups ();