1 files changed, 31 insertions, 4 deletions

diff --git a/plugins/mod_posix.lua b/plugins/mod_posix.lua
index 83b8122e..5f7dfc5b 100644
--- a/plugins/mod_posix.lua
+++ b/plugins/mod_posix.lua
@@ -23,12 +23,39 @@ local prosody = _G.prosody;
 
 module.host = "*"; -- we're a global module
 
+-- Allow switching away from root, some people like strange ports.
+module:add_event_hook("server-started", function ()
+		local uid = module:get_option("setuid");
+		local gid = module:get_option("setgid");
+		if gid then
+			local success, msg = pposix.setgid(gid);
+			if success then
+				module:log("debug", "Changed group to "..gid.." successfully.");
+			else
+				module:log("error", "Failed to change group to "..gid..". Error: "..msg);
+				prosody.shutdown("Failed to change group to "..gid);
+			end
+		end
+		if uid then
+			local success, msg = pposix.setuid(uid);
+			if success then
+				module:log("debug", "Changed user to "..uid.." successfully.");
+			else
+				module:log("error", "Failed to change user to "..uid..". Error: "..msg);
+				prosody.shutdown("Failed to change user to "..uid);
+			end
+		end
+	end);
+
 -- Don't even think about it!
 module:add_event_hook("server-starting", function ()
-		if pposix.getuid() == 0 and not module:get_option("run_as_root") then
-			module:log("error", "Danger, Will Robinson! Prosody doesn't need to be run as root, so don't do it!");
-			module:log("error", "For more information on running Prosody as root, see http://prosody.im/doc/root");
-			prosody.shutdown("Refusing to run as root");
+		local suid = module:get_option("setuid");
+		if not suid or suid == 0 or suid == "root" then
+			if pposix.getuid() == 0 and not module:get_option("run_as_root") then
+				module:log("error", "Danger, Will Robinson! Prosody doesn't need to be run as root, so don't do it!");
+				module:log("error", "For more information on running Prosody as root, see http://prosody.im/doc/root");
+				prosody.shutdown("Refusing to run as root");
+			end
 		end
 	end);