From 772c8d0e6c3901fce18f9b35ce2302e91c912cc9 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Wed, 3 Oct 2018 17:57:39 +0200
Subject: [PATCH] user.Lookup() may not be available on some platforms

So, explain what's going on, support numeric ids, try to be a bit
more friendly to these platforms
---
 dnscrypt-proxy/privilege_linux.go | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/dnscrypt-proxy/privilege_linux.go b/dnscrypt-proxy/privilege_linux.go
index 65730752..2340a403 100644
--- a/dnscrypt-proxy/privilege_linux.go
+++ b/dnscrypt-proxy/privilege_linux.go
@@ -22,23 +22,28 @@ func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
 	if currentUser.Uid != "0" {
 		dlog.Fatal("I need root permissions. Try again with 'sudo'")
 	}
-	user, err := user.Lookup(userStr)
+	userInfo, err := user.Lookup(userStr)
 	args := os.Args
 
 	if err != nil {
-		dlog.Fatal(err)
+		uid, err2 := strconv.Atoi(userStr)
+		if err2 != nil || uid <= 0 {
+			dlog.Fatalf("Unable to retrieve any information about user [%s]: [%s] - Remove the user_name directive from the configuration file in order to avoid identity switch", userStr, err)
+		}
+		dlog.Warnf("Unable to retrieve any information about user [%s]: [%s] - Switching to user id [%v] with the same group id, as [%v] looks like a user id. But you should remove or fix the user_name directive in the configuration file if possible", userStr, err, uid, uid)
+		userInfo = &user.User{Uid: userStr, Gid: userStr}
 	}
-	uid, err := strconv.Atoi(user.Uid)
+	uid, err := strconv.Atoi(userInfo.Uid)
 	if err != nil {
 		dlog.Fatal(err)
 	}
-	gid, err := strconv.Atoi(user.Gid)
+	gid, err := strconv.Atoi(userInfo.Gid)
 	if err != nil {
 		dlog.Fatal(err)
 	}
 	execPath, err := exec.LookPath(args[0])
 	if err != nil {
-		dlog.Fatal(err)
+		dlog.Fatalf("Unable to get the path to the dnscrypt-proxy executable file: [%s]", err)
 	}
 	path, err := filepath.Abs(execPath)
 	if err != nil {
@@ -52,13 +57,13 @@ func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
 	dlog.Notice("Dropping privileges")
 	runtime.LockOSThread()
 	if _, _, rcode := syscall.RawSyscall(syscall.SYS_SETGROUPS, uintptr(0), uintptr(0), 0); rcode != 0 {
-		dlog.Fatalf("Unable to drop additional groups: %s", err)
+		dlog.Fatalf("Unable to drop additional groups: [%s]", err)
 	}
 	if _, _, rcode := syscall.RawSyscall(syscall.SYS_SETGID, uintptr(gid), 0, 0); rcode != 0 {
-		dlog.Fatalf("Unable to drop user privileges: %s", err)
+		dlog.Fatalf("Unable to drop user privileges: [%s]", err)
 	}
 	if _, _, rcode := syscall.RawSyscall(syscall.SYS_SETUID, uintptr(uid), 0, 0); rcode != 0 {
-		dlog.Fatalf("Unable to drop user privileges: %s", err)
+		dlog.Fatalf("Unable to drop user privileges: [%s]", err)
 	}
 	maxfd := uintptr(0)
 	for _, fd := range fds {