On Sun, Mar 13, 2022 at 02:30:23PM +0100, Solene Rapenne wrote:
> Hi, I'm playing with the new rtable feature in login.conf(5) but it
> seems one use case doesn't trigger the rtable change.
> 
> I have a user called alice. If I ssh locally from my user to alice
> with ssh alice@localhost, alice has the correct routing table; if I use
> as root "su -l alice", then alice seems to be using rtable 0.

Ignoring -L which already honors rtable, su has three cases:
  -l (asme=0 asthem=1)
  -m (asme=1 asthem=0)
  <neither> (asme=0 asthem=0)

-l should honor rtable; I am not sure about the other two. I think the
least surprising would be for the neither case to honor rtable and for -m
to not, but I don't have a strong opinion here. Patch as suggested below.

> if it works, I'm using rtable 1 (openvpn), if not, it's using rtable 0.

id -R will show the rtable directly.


diff --git su.c su.c
index f87e6690835..c2fbbe2724d 100644
--- su.c
+++ su.c
@@ -355,6 +355,8 @@ main(int argc, char **argv)
                        flags &= ~LOGIN_SETLOGIN;
        } else {
                flags = LOGIN_SETRESOURCES|LOGIN_SETGROUP|LOGIN_SETUSER;
+               if (!asme)
+                       flags |= LOGIN_SETRTABLE;
                if (asthem)
                        flags |= LOGIN_SETENV|LOGIN_SETPRIORITY|LOGIN_SETUMASK;
        }
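
Review bot: the new `if (!asme)` test turns on LOGIN_SETRTABLE for plain su (asme=0 asthem=0) as well as for -l, yet that branch still leaves LOGIN_SETENV, LOGIN_SETPRIORITY and LOGIN_SETUMASK off unless asthem is set, so a plain su would switch routing table while keeping the rest of the caller's session settings. If that split is intended, a short comment above `if (!asme)` saying that -m deliberately keeps the caller's rtable would record the decision, and su(1) should state which modes change rtable. If only -l is meant to honor it, the flag belongs in the existing `if (asthem)` line instead. Checking `id -R` under -l, -m and plain su would confirm each case behaves as described in the message.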
