On Sun, 22 Jan 2012 23:54:13 -0500, Daniel Kahn Gillmor <d...@fifthhorseman.net> wrote: > i suppose it's possible to argue that we should be supplying the -l flag > to su here, though i'm not sure what else that would break, since it > would end up clearing the entire environment for the subprocess (which > i'm pretty sure we don't want to do).
I can't tell under what circumstances su PAM modules are used and when
they're not. Do you think they are used with -l ("login") whereas
they're not without?
I would have suggested we use both -l and -p ("preserve-environment"),
but looking at the su man page for -p:
If --login is used, the $TERM, $COLORTERM, $DISPLAY, and $XAUTHORITY
environment variables are copied if they were set.
Presumably all others are ignored. I guess we need some experiments.
jamie.
pgplQ8tKrGetM.pgp
Description: PGP signature
