tags 589830 + patch thanks On Wed, Jul 21, 2010 at 05:00:27PM +0100, Roger Leigh wrote: > On Wed, Jul 21, 2010 at 05:44:57PM +0200, Bastian Blank wrote: > > On Wed, Jul 21, 2010 at 03:24:37PM +0100, Roger Leigh wrote: > > > On Wed, Jul 21, 2010 at 02:56:31PM +0200, Bastian Blank wrote: > > > > The important variables TERM and SHELL are missing and breaks normal > > > > shell usage. > > > Using --preserve-environment (or setting preserve-environment=true > > > in the chroot configuration) will preserve these variables. Maybe > > > we also need to add a whitelist in addition to the blacklist which > > > automatically copies certain variables whether or not > > > --preserve-environment is used? > > > > You want to say that it is broken by default now, without even a note? > > I'll need to double check when I have some more time, but I wasn't > aware this was a regression. If it is a regression, then I'll fix it. > The environment handling was changed in the last month to move it out > of the PAM authentication code, and if it has regressed then this will > be the cause. [The PAM code doesn't have testsuite coverage due to > needing to be run as root and is rather frustrating to test robustly.] > > Either way, a whitelist would remove any hardcoded preservation logic > that was previously present and allow user customisation if desired.
Does the attached patch correct this misbehaviour? Thanks, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
diff --git a/sbuild/sbuild-auth.cc b/sbuild/sbuild-auth.cc
index 81b8c4a..611da97 100644
--- a/sbuild/sbuild-auth.cc
+++ b/sbuild/sbuild-auth.cc
@@ -240,25 +240,23 @@ auth::get_minimal_environment () const
else
minimal.add(std::make_pair("PATH", "/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games"));
- if (this->user_environment.empty())
+ if (!this->home.empty() )
+ minimal.add(std::make_pair("HOME", this->home));
+ else
+ minimal.add(std::make_pair("HOME", "/"));
+
+ if (!this->user.empty())
{
- if (!this->home.empty() )
- minimal.add(std::make_pair("HOME", this->home));
- else
- minimal.add(std::make_pair("HOME", "/"));
- if (!this->user.empty())
- {
- minimal.add(std::make_pair("LOGNAME", this->user));
- minimal.add(std::make_pair("USER", this->user));
- }
- {
- const char *term = getenv("TERM");
- if (term)
- minimal.add(std::make_pair("TERM", term));
- }
- if (!this->shell.empty())
- minimal.add(std::make_pair("SHELL", this->shell));
+ minimal.add(std::make_pair("LOGNAME", this->user));
+ minimal.add(std::make_pair("USER", this->user));
}
+ {
+ const char *term = getenv("TERM");
+ if (term)
+ minimal.add(std::make_pair("TERM", term));
+ }
+ if (!this->shell.empty())
+ minimal.add(std::make_pair("SHELL", this->shell));
return minimal;
}
signature.asc
Description: Digital signature
