3 files changed, 29 insertions, 1 deletions

diff --git a/NEWS b/NEWS
index 1c0499ea..6436c26e 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,7 @@ Overview of changes in lightdm 1.3.1
     * Write utmp records for sessions
     * Install PAM configuration
     * Run greeters inside the "lightdm-greeter" PAM service
+    * Handle setresgid and setresuid not being available
 
 Overview of changes in lightdm 1.2.0
 
diff --git a/configure.ac b/configure.ac
index 690ba6b6..d585c9b7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -21,6 +21,8 @@ dnl ###########################################################################
 
 AC_CHECK_HEADERS(security/pam_appl.h, [], AC_MSG_ERROR(PAM not found))
 
+AC_CHECK_FUNCS(setresgid setresuid)
+
 PKG_CHECK_MODULES(LIGHTDM, [
     glib-2.0 >= 2.24
     gio-2.0 >= 2.26
diff --git a/src/privileges.c b/src/privileges.c
index 1f87b4f2..c7f4ef00 100644
--- a/src/privileges.c
+++ b/src/privileges.c
@@ -12,6 +12,7 @@
 /* for setres*id() */
 #define _GNU_SOURCE
 
+#include <config.h>
 #include "privileges.h"
 
 void
@@ -20,14 +21,38 @@ privileges_drop (User *user)
     g_return_if_fail (user != NULL);
 
     g_debug ("Dropping privileges to uid %i", user_get_uid (user));
+#ifdef HAVE_SETRESGID
+    g_debug ("Calling setresgid");
     g_assert (setresgid (user_get_gid (user), user_get_gid (user), -1) == 0);
+#else
+    g_assert (setgid (user_get_gid (user)) == 0);
+    g_assert (setegid (user_get_gid (user)) == 0);
+#endif
+#ifdef HAVE_SETRESUID
+    g_debug ("Calling setresuid");
     g_assert (setresuid (user_get_uid (user), user_get_uid (user), -1) == 0);
+#else
+    g_assert (setuid (user_get_uid (user)) == 0);
+    g_assert (seteuid (user_get_uid (user)) == 0);
+#endif
 }
 
 void
 privileges_reclaim (void)
 {
     g_debug ("Restoring privileges");
+#ifdef HAVE_SETRESUID
+    g_debug ("Calling setresuid");
     g_assert (setresuid (0, 0, -1) == 0);
-    g_assert (setresgid (0, 0, -1) == 0);  
+#else
+    g_assert (setuid (0) == 0);
+    g_assert (seteuid (0) == 0);
+#endif
+#ifdef HAVE_SETRESGID
+    g_debug ("Calling setresgid");
+    g_assert (setresgid (0, 0, -1) == 0);
+#else
+    g_assert (setgid (0) == 0);
+    g_assert (setegid (0) == 0);
+#endif
 }