diff options
-rw-r--r-- | runtime/staprun/staprun_funcs.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/runtime/staprun/staprun_funcs.c b/runtime/staprun/staprun_funcs.c index 8da7e7e8..781bb999 100644 --- a/runtime/staprun/staprun_funcs.c +++ b/runtime/staprun/staprun_funcs.c @@ -459,8 +459,21 @@ int check_permissions(void) #endif /* If we're root, we can do anything. */ - if (getuid() == 0) + if (getuid() == 0) { + /* ... like overriding the real UID */ + const char *env_id = getenv("SYSTEMTAP_REAL_UID"); + if (env_id && setreuid(atoi(env_id), -1)) + err("WARNING: couldn't set staprun UID to '%s': %s", + env_id, strerror(errno)); + + /* ... or overriding the real GID */ + env_id = getenv("SYSTEMTAP_REAL_GID"); + if (env_id && setregid(atoi(env_id), -1)) + err("WARNING: couldn't set staprun GID to '%s': %s", + env_id, strerror(errno)); + return 1; + } /* Check permissions for group membership. */ check_groups_rc = check_groups (); |