If we cannot find nobody/nogroup, lookup current process uid/gid.

If that fails to, bail at ARGV_ERR level.

Fixes #1597

bin/varnishd/mgt/mgt_main.c

@@ -345,16 +345,40 @@ static void
 init_params(struct cli *cli)
 {
 	ssize_t def, low;
+	struct passwd *pwd;
+	struct group *grp;
 
 	MCF_CollectParams();
 
 	MCF_TcpParams();
 
-	/* If we have nobody/nogroup, use them as defaults */
-	if (getpwnam("nobody") != NULL)
+	/*
+	 * If we have nobody/nogroup, use them as defaults for sandboxes,
+	 * else fall back to whoever we run as.
+	 */
+	if (getpwnam("nobody") != NULL) {
 		MCF_SetDefault("user", "nobody");
-	if (getgrnam("nogroup") != NULL)
+	} else {
+		pwd = getpwuid(getuid());
+		if (pwd == NULL)
+			ARGV_ERR("Neither user 'nobody' or my uid (%jd)"
+			    " found in password database.\n",
+			    (intmax_t)getuid());
+		MCF_SetDefault("user", pwd->pw_name);
+	}
+	endpwent();
+
+	if (getgrnam("nogroup") != NULL) {
 		MCF_SetDefault("group", "nogroup");
+	} else {
+		grp = getgrgid(getgid());
+		if (grp == NULL)
+			ARGV_ERR("Neither group 'nogroup' or my gid (%jd)"
+			    " found in password database.\n",
+			    (intmax_t)getgid());
+		MCF_SetDefault("group", grp->gr_name);
+	}
+	endgrent();
 
 	if (sizeof(void *) < 8) {
 		/*
@@ -432,7 +456,6 @@ main(int argc, char * const *argv)
 	/* for ASSERT_MGT() */
 	mgt_pid = getpid();
 
-
 	/*
 	 * Run in UTC timezone, on the off-chance that this operating
 	 * system does not have a timegm() function, and translates

bin/varnishd/mgt/mgt_param.c

@@ -337,7 +337,7 @@ MCF_ParamSet(struct cli *cli, const char *param, const char *val)
 		*heritage.param = mgt_param;
 
 	if (cli->result != CLIS_OK) {
-		VCLI_Out(cli, "\n(attempting to set param %s to %s)",
+		VCLI_Out(cli, "\n(attempting to set param '%s' to '%s')",
 		    pp->name, val);
 	} else if (child_pid >= 0 && pp->flags & MUST_RESTART) {
 		VCLI_Out(cli,

bin/varnishd/mgt/mgt_param_tweak.c

@@ -384,17 +384,14 @@ tweak_user(struct vsb *vsb, const struct parspec *par, const char *arg)
 
 	(void)par;
 	if (arg != NULL) {
-		if (*arg != '\0') {
-			pw = getpwnam(arg);
-			if (pw == NULL) {
-				VSB_printf(vsb, "Unknown user");
-				return(-1);
-			}
-			REPLACE(mgt_param.user, pw->pw_name);
-			mgt_param.uid = pw->pw_uid;
-		} else {
-			mgt_param.uid = getuid();
+		pw = getpwnam(arg);
+		if (pw == NULL) {
+			VSB_printf(vsb, "Unknown user '%s'", arg);
+			return(-1);
 		}
+		REPLACE(mgt_param.user, pw->pw_name);
+		mgt_param.uid = pw->pw_uid;
+		endpwent();
 	} else if (mgt_param.user) {
 		VSB_printf(vsb, "%s (%d)", mgt_param.user, (int)mgt_param.uid);
 	} else {
@@ -414,17 +411,14 @@ tweak_group(struct vsb *vsb, const struct parspec *par, const char *arg)
 
 	(void)par;
 	if (arg != NULL) {
-		if (*arg != '\0') {
-			gr = getgrnam(arg);
-			if (gr == NULL) {
-				VSB_printf(vsb, "Unknown group");
-				return(-1);
-			}
-			REPLACE(mgt_param.group, gr->gr_name);
-			mgt_param.gid = gr->gr_gid;
-		} else {
-			mgt_param.gid = getgid();
+		gr = getgrnam(arg);
+		if (gr == NULL) {
+			VSB_printf(vsb, "Unknown group '%s'", arg);
+			return(-1);
 		}
+		REPLACE(mgt_param.group, gr->gr_name);
+		mgt_param.gid = gr->gr_gid;
+		endgrent();
 	} else if (mgt_param.group) {
 		VSB_printf(vsb, "%s (%d)", mgt_param.group, (int)mgt_param.gid);
 	} else {