5 files changed, 20 insertions, 4 deletions

diff --git a/Makefile.am b/Makefile.am
index 87744d784c..125319fe48 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -4870,7 +4870,6 @@ nodist_systemunit_DATA += \
 GENERAL_ALIASES += \
 	$(systemunitdir)/systemd-timesyncd.service $(pkgsysconfdir)/system/sysinit.target.wants/systemd-timesyncd.service
 
-
 nodist_pkgsysconf_DATA += \
 	src/timesync/timesyncd.conf
 
diff --git a/README b/README
index c46ac7e5de..0a2c0df47d 100644
--- a/README
+++ b/README
@@ -203,6 +203,9 @@ USERS AND GROUPS:
         Similarly, the kdbus dbus1 proxy daemon requires the
         "systemd-bus-proxy" system user and group to exist.
 
+        Similarly, the coredump support requires the
+        "systemd-coredump" system user and group to exist.
+
 NSS:
         systemd ships with three NSS modules:
 
diff --git a/configure.ac b/configure.ac
index 0374b3f39b..d05d0ba31f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1106,6 +1106,7 @@ have_coredump=no
 AC_ARG_ENABLE(coredump, AS_HELP_STRING([--disable-coredump], [disable coredump hook]))
 if test "x$enable_coredump" != "xno"; then
         have_coredump=yes
+        M4_DEFINES="$M4_DEFINES -DENABLE_COREDUMP"
 fi
 AM_CONDITIONAL(ENABLE_COREDUMP, [test "$have_coredump" = "yes"])
 
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 9e056436ea..085909c20c 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -569,9 +569,19 @@ static int change_uid_gid(const char *context[]) {
         if (r < 0)
                 return r;
 
-        r = parse_gid(context[CONTEXT_GID], &gid);
-        if (r < 0)
-                return r;
+        if (uid <= SYSTEM_UID_MAX) {
+                const char *user = "systemd-coredump";
+
+                r = get_user_creds(&user, &uid, &gid, NULL, NULL);
+                if (r < 0) {
+                        log_warning_errno(r, "Cannot resolve %s user. Proceeding to dump core as root: %m", user);
+                        uid = gid = 0;
+                }
+        } else {
+                r = parse_gid(context[CONTEXT_GID], &gid);
+                if (r < 0)
+                        return r;
+        }
 
         return drop_privileges(uid, gid, 0);
 }
diff --git a/sysusers.d/systemd.conf.m4 b/sysusers.d/systemd.conf.m4
index 81b1d79c37..317240a9fd 100644
--- a/sysusers.d/systemd.conf.m4
+++ b/sysusers.d/systemd.conf.m4
@@ -16,3 +16,6 @@ u systemd-resolve   - "systemd Resolver"
 m4_ifdef(`ENABLE_TIMESYNCD',
 u systemd-timesync  - "systemd Time Synchronization"
 )m4_dnl
+m4_ifdef(`ENABLE_COREDUMP',
+u systemd-coredump  - "systemd Core Dumper"
+)m4_dnl