Add struct sudoers_runas_context and move runas-specific bits into it.
This commit is contained in:
Todd C. Miller
@@ -901,11 +901,11 @@ rebuild_env(void)
|
||||
if (!ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
|
||||
#ifdef HAVE_LOGIN_CAP_H
|
||||
/* Insert login class environment variables. */
|
||||
if (user_ctx.class) {
|
||||
login_cap_t *lc = login_getclass(user_ctx.class);
|
||||
if (runas_ctx.class) {
|
||||
login_cap_t *lc = login_getclass(runas_ctx.class);
|
||||
if (lc != NULL) {
|
||||
setusercontext(lc, user_ctx.runas_pw,
|
||||
user_ctx.runas_pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV);
|
||||
setusercontext(lc, runas_ctx.pw,
|
||||
runas_ctx.pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV);
|
||||
login_close(lc);
|
||||
}
|
||||
}
|
||||
@@ -951,15 +951,15 @@ rebuild_env(void)
|
||||
* on sudoers options).
|
||||
*/
|
||||
if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
|
||||
CHECK_SETENV2("SHELL", user_ctx.runas_pw->pw_shell,
|
||||
CHECK_SETENV2("SHELL", runas_ctx.pw->pw_shell,
|
||||
ISSET(didvar, DID_SHELL), true);
|
||||
#ifdef _AIX
|
||||
CHECK_SETENV2("LOGIN", user_ctx.runas_pw->pw_name,
|
||||
CHECK_SETENV2("LOGIN", runas_ctx.pw->pw_name,
|
||||
ISSET(didvar, DID_LOGIN), true);
|
||||
#endif
|
||||
CHECK_SETENV2("LOGNAME", user_ctx.runas_pw->pw_name,
|
||||
CHECK_SETENV2("LOGNAME", runas_ctx.pw->pw_name,
|
||||
ISSET(didvar, DID_LOGNAME), true);
|
||||
CHECK_SETENV2("USER", user_ctx.runas_pw->pw_name,
|
||||
CHECK_SETENV2("USER", runas_ctx.pw->pw_name,
|
||||
ISSET(didvar, DID_USER), true);
|
||||
} else {
|
||||
/* We will set LOGNAME later in the def_set_logname case. */
|
||||
@@ -986,10 +986,10 @@ rebuild_env(void)
|
||||
if (ISSET(sudo_mode, MODE_LOGIN_SHELL) || !ISSET(didvar, KEPT_MAIL)) {
|
||||
if (_PATH_MAILDIR[sizeof(_PATH_MAILDIR) - 2] == '/') {
|
||||
len = asprintf(&cp, "MAIL=%s%s", _PATH_MAILDIR,
|
||||
user_ctx.runas_pw->pw_name);
|
||||
runas_ctx.pw->pw_name);
|
||||
} else {
|
||||
len = asprintf(&cp, "MAIL=%s/%s", _PATH_MAILDIR,
|
||||
user_ctx.runas_pw->pw_name);
|
||||
runas_ctx.pw->pw_name);
|
||||
}
|
||||
if (len == -1)
|
||||
goto bad;
|
||||
@@ -1036,10 +1036,10 @@ rebuild_env(void)
|
||||
if ((didvar & KEPT_USER_VARIABLES) == 0) {
|
||||
/* Nothing preserved, set them all. */
|
||||
#ifdef _AIX
|
||||
CHECK_SETENV2("LOGIN", user_ctx.runas_pw->pw_name, true, true);
|
||||
CHECK_SETENV2("LOGIN", runas_ctx.pw->pw_name, true, true);
|
||||
#endif
|
||||
CHECK_SETENV2("LOGNAME", user_ctx.runas_pw->pw_name, true, true);
|
||||
CHECK_SETENV2("USER", user_ctx.runas_pw->pw_name, true, true);
|
||||
CHECK_SETENV2("LOGNAME", runas_ctx.pw->pw_name, true, true);
|
||||
CHECK_SETENV2("USER", runas_ctx.pw->pw_name, true, true);
|
||||
} else if ((didvar & KEPT_USER_VARIABLES) != KEPT_USER_VARIABLES) {
|
||||
/*
|
||||
* Preserved some of LOGIN, LOGNAME, USER but not all.
|
||||
@@ -1071,11 +1071,11 @@ rebuild_env(void)
|
||||
|
||||
/* Set $HOME to target user if not preserving user's value. */
|
||||
if (reset_home)
|
||||
CHECK_SETENV2("HOME", user_ctx.runas_pw->pw_dir, true, true);
|
||||
CHECK_SETENV2("HOME", runas_ctx.pw->pw_dir, true, true);
|
||||
|
||||
/* Provide default values for $SHELL, $TERM and $PATH if not set. */
|
||||
if (!ISSET(didvar, DID_SHELL))
|
||||
CHECK_SETENV2("SHELL", user_ctx.runas_pw->pw_shell, false, false);
|
||||
CHECK_SETENV2("SHELL", runas_ctx.pw->pw_shell, false, false);
|
||||
if (!ISSET(didvar, DID_TERM))
|
||||
CHECK_PUTENV("TERM=unknown", false, false);
|
||||
if (!ISSET(didvar, DID_PATH))
|
||||
|
||||
Reference in New Issue
Block a user