The SHELL environment variable was preserved from the user's
environment instead of being reset based on the passwd database when the "env_reset" option was used. Now it is reset as it should be.
This commit is contained in:
Todd C. Miller
2
env.c
2
env.c
@@ -341,7 +341,7 @@ rebuild_env(sudo_mode, envp)
|
|||||||
if (!(didvar & DID_HOME))
|
if (!(didvar & DID_HOME))
|
||||||
*nep++ = format_env("HOME", user_dir);
|
*nep++ = format_env("HOME", user_dir);
|
||||||
if (!(didvar & DID_SHELL))
|
if (!(didvar & DID_SHELL))
|
||||||
*nep++ = format_env("SHELL", user_shell);
|
*nep++ = format_env("SHELL", sudo_user.pw->pw_shell);
|
||||||
if (!(didvar & DID_LOGNAME))
|
if (!(didvar & DID_LOGNAME))
|
||||||
*nep++ = format_env("LOGNAME", user_name);
|
*nep++ = format_env("LOGNAME", user_name);
|
||||||
if (!(didvar & DID_USER))
|
if (!(didvar & DID_USER))
|
||||||
|
|||||||
28
getspwuid.c
28
getspwuid.c
@@ -98,30 +98,9 @@ int crypt_type = INT_MAX;
|
|||||||
/*
|
/*
|
||||||
* Local functions not visible outside getspwuid.c
|
* Local functions not visible outside getspwuid.c
|
||||||
*/
|
*/
|
||||||
static char *sudo_getshell __P((struct passwd *));
|
|
||||||
static struct passwd *sudo_pwdup __P((struct passwd *));
|
static struct passwd *sudo_pwdup __P((struct passwd *));
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Return the user's shell based on either the SHELL environment variable
|
|
||||||
* (already assigned to user_shell) or, failing that, the passwd(5) entry.
|
|
||||||
*/
|
|
||||||
static char *
|
|
||||||
sudo_getshell(pw)
|
|
||||||
struct passwd *pw;
|
|
||||||
{
|
|
||||||
char *pw_shell;
|
|
||||||
|
|
||||||
if ((pw_shell = user_shell) == NULL)
|
|
||||||
pw_shell = pw->pw_shell;
|
|
||||||
|
|
||||||
/* empty string "" means bourne shell */
|
|
||||||
if (*pw_shell == '\0')
|
|
||||||
pw_shell = _PATH_BSHELL;
|
|
||||||
|
|
||||||
return(pw_shell);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Return a copy of the encrypted password for the user described by pw.
|
* Return a copy of the encrypted password for the user described by pw.
|
||||||
* If shadow passwords are in use, look in the shadow file.
|
* If shadow passwords are in use, look in the shadow file.
|
||||||
@@ -236,8 +215,11 @@ sudo_pwdup(pw)
|
|||||||
local_pw->pw_class = estrdup(pw->pw_class);
|
local_pw->pw_class = estrdup(pw->pw_class);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* pw_shell is a special case since we overide with $SHELL */
|
/* If shell field is empty, expand to _PATH_BSHELL. */
|
||||||
local_pw->pw_shell = estrdup(sudo_getshell(pw));
|
if (local_pw->pw_shell[0] == '\0')
|
||||||
|
local_pw->pw_shell = _PATH_BSHELL;
|
||||||
|
else
|
||||||
|
local_pw->pw_shell = estrdup(pw->pw_shell);
|
||||||
|
|
||||||
/* pw_passwd gets a shadow password if applicable */
|
/* pw_passwd gets a shadow password if applicable */
|
||||||
local_pw->pw_passwd = sudo_getepw(pw);
|
local_pw->pw_passwd = sudo_getepw(pw);
|
||||||
|
|||||||
3
sudo.c
3
sudo.c
@@ -511,7 +511,8 @@ init_vars(sudo_mode)
|
|||||||
log_error(0, "uid %ld does not exist in the passwd file!",
|
log_error(0, "uid %ld does not exist in the passwd file!",
|
||||||
(long) pw.pw_uid);
|
(long) pw.pw_uid);
|
||||||
}
|
}
|
||||||
user_shell = sudo_user.pw->pw_shell;
|
if (user_shell == NULL || *user_shell == '\0')
|
||||||
|
user_shell = sudo_user.pw->pw_shell;
|
||||||
|
|
||||||
/* It is now safe to use log_error() and set_perms() */
|
/* It is now safe to use log_error() and set_perms() */
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user