[master] 07c4432 varnishtest: setuid(nobody) if running as root

Tollef Fog Heen tfheen at varnish-cache.org
Wed Jan 26 12:36:08 CET 2011


commit 07c4432ba55b50b6640c5eeb24155a3618224f61
Author: Tollef Fog Heen <tfheen at err.no>
Date:   Wed Jan 26 12:18:21 2011 +0100

    varnishtest: setuid(nobody) if running as root
    
    If we were running as root, m00004 would fail as it would not be able
    to read the files from the temporary directory.  To avoid this
    problem, we now setuid to nobody if we are running as root.

diff --git a/bin/varnishtest/vtc_main.c b/bin/varnishtest/vtc_main.c
index 3db3bd9..ac3436e 100644
--- a/bin/varnishtest/vtc_main.c
+++ b/bin/varnishtest/vtc_main.c
@@ -42,6 +42,11 @@ SVNID("$Id$")
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/wait.h>
+#include <pwd.h>
+
+#ifdef __linux__
+#include <sys/prctl.h>
+#endif
 
 #include "libvarnish.h"
 #include "vev.h"
@@ -364,6 +369,21 @@ main(int argc, char * const *argv)
 
 	vb = vev_new_base();
 
+	if (geteuid() == 0) {
+		struct passwd *pw;
+		pw = getpwnam("nobody");
+		assert(setgid(pw->pw_gid) == 0);
+		assert(setuid(pw->pw_uid) == 0);
+		/* On Linux >= 2.4, you need to set the dumpable flag
+		   to get core dumps after you have done a setuid. */
+#ifdef __linux__
+		if (prctl(PR_SET_DUMPABLE, 1) != 0) {
+		  printf("Could not set dumpable bit.  Core dumps turned "
+			 "off\n");
+		}
+#endif
+	}
+
 	i = 0;
 	while(!VTAILQ_EMPTY(&tst_head) || i) {
 		if (!VTAILQ_EMPTY(&tst_head) && njob < npar) {
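Review bot: The result of `getpwnam("nobody")` is dereferenced without a NULL check in the new `geteuid() == 0` branch, so on a host without that account the root path crashes instead of reporting the problem. The `setgid`/`setuid` calls are made inside `assert()`; if that macro is ever compiled out in this build (not visible from the hunk), the tests would silently keep running as root, so an explicit `if` with an error exit is safer. Root's supplementary groups are also retained, because nothing calls `setgroups()` (declared in `<grp.h>`) before `setgid`. main() starts and ends outside the hunk; a sketch of the checked sequence follows.

```c
	if (geteuid() == 0) {
		struct passwd *pw;

		pw = getpwnam("nobody");
		if (pw == NULL) {
			fprintf(stderr, "Cannot drop privileges: no user \"nobody\"\n");
			exit(2);
		}
		/* Drop supplementary groups first, then gid, then uid;
		   after setuid() we no longer have the right to do the others. */
		if (setgroups(1, &pw->pw_gid) != 0 ||
		    setgid(pw->pw_gid) != 0 ||
		    setuid(pw->pw_uid) != 0) {
			perror("Cannot drop privileges");
			exit(2);
		}
		/* … unchanged: PR_SET_DUMPABLE block under #ifdef __linux__ … */
```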


