The SHELL environment variable was preserved from the user's
environment instead of being reset based on the passwd database when the "env_reset" option was used. Now it is reset as it should be.
This commit is contained in:
Todd C. Miller
2
env.c
2
env.c
@@ -341,7 +341,7 @@ rebuild_env(sudo_mode, envp)
|
||||
if (!(didvar & DID_HOME))
|
||||
*nep++ = format_env("HOME", user_dir);
|
||||
if (!(didvar & DID_SHELL))
|
||||
*nep++ = format_env("SHELL", user_shell);
|
||||
*nep++ = format_env("SHELL", sudo_user.pw->pw_shell);
|
||||
if (!(didvar & DID_LOGNAME))
|
||||
*nep++ = format_env("LOGNAME", user_name);
|
||||
if (!(didvar & DID_USER))
|
||||
|
||||
28
getspwuid.c
28
getspwuid.c
@@ -98,30 +98,9 @@ int crypt_type = INT_MAX;
|
||||
/*
|
||||
* Local functions not visible outside getspwuid.c
|
||||
*/
|
||||
static char *sudo_getshell __P((struct passwd *));
|
||||
static struct passwd *sudo_pwdup __P((struct passwd *));
|
||||
|
||||
|
||||
/*
|
||||
* Return the user's shell based on either the SHELL environment variable
|
||||
* (already assigned to user_shell) or, failing that, the passwd(5) entry.
|
||||
*/
|
||||
static char *
|
||||
sudo_getshell(pw)
|
||||
struct passwd *pw;
|
||||
{
|
||||
char *pw_shell;
|
||||
|
||||
if ((pw_shell = user_shell) == NULL)
|
||||
pw_shell = pw->pw_shell;
|
||||
|
||||
/* empty string "" means bourne shell */
|
||||
if (*pw_shell == '\0')
|
||||
pw_shell = _PATH_BSHELL;
|
||||
|
||||
return(pw_shell);
|
||||
}
|
||||
|
||||
/*
|
||||
* Return a copy of the encrypted password for the user described by pw.
|
||||
* If shadow passwords are in use, look in the shadow file.
|
||||
@@ -236,8 +215,11 @@ sudo_pwdup(pw)
|
||||
local_pw->pw_class = estrdup(pw->pw_class);
|
||||
#endif
|
||||
|
||||
/* pw_shell is a special case since we overide with $SHELL */
|
||||
local_pw->pw_shell = estrdup(sudo_getshell(pw));
|
||||
/* If shell field is empty, expand to _PATH_BSHELL. */
|
||||
if (local_pw->pw_shell[0] == '\0')
|
||||
local_pw->pw_shell = _PATH_BSHELL;
|
||||
else
|
||||
local_pw->pw_shell = estrdup(pw->pw_shell);
|
||||
|
||||
/* pw_passwd gets a shadow password if applicable */
|
||||
local_pw->pw_passwd = sudo_getepw(pw);
|
||||
|
||||
3
sudo.c
3
sudo.c
@@ -511,7 +511,8 @@ init_vars(sudo_mode)
|
||||
log_error(0, "uid %ld does not exist in the passwd file!",
|
||||
(long) pw.pw_uid);
|
||||
}
|
||||
user_shell = sudo_user.pw->pw_shell;
|
||||
if (user_shell == NULL || *user_shell == '\0')
|
||||
user_shell = sudo_user.pw->pw_shell;
|
||||
|
||||
/* It is now safe to use log_error() and set_perms() */
|
||||
|
||||
|
||||
Reference in New Issue
Block a user