+sub drop_privileges {
+ my $user = $lx_office_conf{task_server}->{run_as};
+ return unless $user;
+
+ my ($uid, $gid);
+ while (my @details = getpwent()) {
+ next unless $details[0] eq $user;
+ ($uid, $gid) = @details[2, 3];
+ last;
+ }
+ endpwent();
+
+ if (!$uid) {
+ print "Error: Cannot drop privileges to ${user}: user does not exist\n";
+ exit 1;
+ }
+
+ if (!setgid($gid)) {
+ print "Error: Cannot drop group privileges to ${user} (group ID $gid): $!\n";
+ exit 1;
+ }
+
+ if (!setuid($uid)) {
+ print "Error: Cannot drop user privileges to ${user} (user ID $uid): $!\n";
+ exit 1;
+ }
+}
+