Hi Martijn, On Tue, Dec 11, 2012 at 6:44 PM, Martijn van Duren <m.vandu...@jonker.nl> wrote: > > I'm a new to OpenBSD and BSD in general. > > On my new install I found that it is possible to set environment > variables via the login.conf file. When trying I found out that those > variables aren't honored if I log in via ssh. Setting the variables via > setusercontext in a test-application and via the login command does > work. > > Am I somehow missing a setting in sshd_config that ignores these > settings or do I need to report this as a bug?
One feature you've certainly seen in the manpage is the following: UseLogin Specifies whether login(1) is used for interactive login sessions. The default is ``no''. Note that login(1) is never used for remote command execution. Note also, that if this is enabled, X11Forwarding will be disabled because login(1) does not know how to handle xauth(1) cookies. If UsePrivilegeSeparation is specified, it will be disabled after authentication. However as you can see, it has some limitations that may be annoying. A quick look at ssh source code in src/usr.bin/ssh/ show that setusercontext(3) is hither and thither with various flags, but never with LOGIN_SETENV. I think it is possible to add such a call in session.c:d_setup_env(). I am surprised though that it has never been done before (likewise, I wonder why the other flags such as LOGIN_SETUMASK, LOGIN_SETRESOURCES and so on are not honored). There may be some history about this. Regards, -- Jeremie Le Hen Scientists say the world is made up of Protons, Neutrons and Electrons. They forgot to mention Morons.