DJ Lucas wrote:
> DJ Lucas wrote:
>
>
>>
>>The attached patch has been tested on exactly four logins called from an
>>xterm. I believe it is sane, but I can't thoroughly test it right now,
>>so if you try it, you're on your own.
>
>
> Well that was fun. I broke su attempting to fix the existing one. I
> missed an instance of ENV_SUPATH in src/su.c . Additional portion of
> patch attached. The same for all other binaries that you run across
> that show a comented variable for login.defs. BTW, I was forced to test
> a little more. :-) Works so far.
>
> -- DJ Lucas
>
Well hell!!!! Complete new patch attached.
diff -Naur shadow-4.0.10/libmisc/setupenv.c shadow-4.0.10-new/libmisc/setupenv.c
--- shadow-4.0.10/libmisc/setupenv.c 2005-06-14 15:27:35.000000000 -0500
+++ shadow-4.0.10-new/libmisc/setupenv.c 2005-06-30 00:09:21.000000000 -0500
@@ -238,7 +238,9 @@
* Create the PATH environmental variable and export it.
*/
+#ifndef USE_PAM
cp = getdef_str ((info->pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
+
if (!cp) {
/* not specified, use a minimal default */
addenv ("PATH=/bin:/usr/bin", NULL);
@@ -249,7 +251,7 @@
/* only value specified without "PATH=" */
addenv ("PATH", cp);
}
-
+#endif /* !USE_PAM */
/*
* Export the user name. For BSD derived systems, it's "USER", for
* all others it's "LOGNAME". We set both of them.
@@ -258,6 +260,7 @@
addenv ("USER", info->pw_name);
addenv ("LOGNAME", info->pw_name);
+#ifndef USE_PAM
/*
* MAILDIR environment variable for Qmail
*/
@@ -274,18 +277,20 @@
else if ((cp = getdef_str ("MAIL_FILE")))
addenv_path ("MAIL", info->pw_dir, cp);
else {
+# endif /* !USE_PAM */
+
#if defined(MAIL_SPOOL_FILE)
addenv_path ("MAIL", info->pw_dir, MAIL_SPOOL_FILE);
#elif defined(MAIL_SPOOL_DIR)
addenv_path ("MAIL", MAIL_SPOOL_DIR, info->pw_name);
#endif
- }
#ifndef USE_PAM
+ }
/*
* Read environment from optional config file. --marekm
*/
if ((envf = getdef_str ("ENVIRON_FILE")))
read_env_file (envf);
-#endif
+#endif /* !USE_PAM */
}
diff -Naur shadow-4.0.10/src/login.c shadow-4.0.10-new/src/login.c
--- shadow-4.0.10/src/login.c 2005-06-20 04:36:27.000000000 -0500
+++ shadow-4.0.10-new/src/login.c 2005-06-30 00:10:58.000000000 -0500
@@ -277,9 +277,11 @@
if ((tmp = getenv ("TZ"))) {
addenv ("TZ", tmp);
- } else if ((cp = getdef_str ("ENV_TZ")))
+ }
+#ifndef USE_PAM
+ else if ((cp = getdef_str ("ENV_TZ")))
addenv (*cp == '/' ? tz (cp) : cp, NULL);
-
+#endif /* !USE_PAM */
/*
* Add the clock frequency so that profiling commands work
* correctly.
@@ -287,8 +289,11 @@
if ((tmp = getenv ("HZ"))) {
addenv ("HZ", tmp);
- } else if ((cp = getdef_str ("ENV_HZ")))
+ }
+#ifndef USE_PAM
+ else if ((cp = getdef_str ("ENV_HZ")))
addenv (cp, NULL);
+#endif /* !USE_PAM */
}
@@ -505,6 +510,7 @@
umask (getdef_num ("UMASK", 077));
+#ifndef USE_PAM
{
/*
* Use the ULIMIT in the login.defs file, and if
@@ -518,7 +524,7 @@
if (limit != -1)
set_filesize_limit (limit);
}
-
+#endif /* !USE_PAM */
/*
* The entire environment will be preserved if the -p flag
* is used.
--- shadow-4.0.10/src/su.c 2005-06-20 05:17:08.000000000 -0500
+++ shadow-4.0.10-new/src/su.c 2005-06-30 00:38:26.000000000 -0500
@@ -586,6 +586,7 @@
#endif /* !USE_PAM */
signal (SIGINT, SIG_DFL);
+#ifndef USE_PAM
cp = getdef_str ((pwent.pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
/* XXX very similar code duplicated in libmisc/setupenv.c */
@@ -597,10 +598,8 @@
addenv ("PATH", cp);
}
-/* setup the environment for pam later on, else we run into auth problems */
-#ifndef USE_PAM
environ = newenvp; /* make new environment active */
-#endif
+#endif /* !USE_PAM */
if (getenv ("IFS")) /* don't export user IFS ... */
addenv ("IFS= \t\n", NULL); /* ... instead, set a safe IFS */
--
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
