Hi Martijn,
On Tue, Dec 11, 2012 at 6:44 PM, Martijn van Duren <m.vandu...@jonker.nl> wrote:
>
> I'm a new to OpenBSD and BSD in general.
>
> On my new install I found that it is possible to set environment
> variables via the login.conf file. When trying I found out that those
> variables aren't honored if I log in via ssh. Setting the variables via
> setusercontext in a test-application and via the login command does
> work.
>
> Am I somehow missing a setting in sshd_config that ignores these
> settings or do I need to report this as a bug?
One feature you've certainly seen in the manpage is the following:
UseLogin
Specifies whether login(1) is used for interactive login
sessions. The default is ``no''. Note that login(1) is never
used for remote command execution. Note also, that if this is
enabled, X11Forwarding will be disabled because login(1) does not
know how to handle xauth(1) cookies. If UsePrivilegeSeparation
is specified, it will be disabled after authentication.
However as you can see, it has some limitations that may be annoying.
A quick look at ssh source code in src/usr.bin/ssh/ show that
setusercontext(3) is hither and thither with various flags, but never
with LOGIN_SETENV.
I think it is possible to add such a call in session.c:d_setup_env().
I am surprised though that it has never been done before (likewise, I
wonder why the other flags such as LOGIN_SETUMASK, LOGIN_SETRESOURCES
and so on are not honored). There may be some history about this.
Regards,
--
Jeremie Le Hen
Scientists say the world is made up of Protons, Neutrons and Electrons.
They forgot to mention Morons.
