[Pkg-shadow-commits] r788 - in trunk/debian: . patches

Nicolas FRANCOIS nekral-guest at costa.debian.org
Sat Jan 14 16:45:28 UTC 2006 

Author: nekral-guest
Date: 2006-01-14 16:45:23 +0000 (Sat, 14 Jan 2006)
New Revision: 788

Added:
   trunk/debian/patches/484_su-p_preserve_PATH
Modified:
   trunk/debian/changelog
   trunk/debian/patches/series
Log:
-p did not preserve the PATH environment variable when su starts a
shell (no -c).
Closes: #347935


Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2006-01-13 09:32:29 UTC (rev 787)
+++ trunk/debian/changelog	2006-01-14 16:45:23 UTC (rev 788)
@@ -21,6 +21,10 @@
     - 483_su_fakelogin_wrong_arg0:
       - shell's name must be -su when su is faking a login shell.
         Closes: #347747
+    - 484_su-p_preserve_PATH:
+      - -p did not preserve the PATH environment variable when su started a
+        shell (no -c).
+        Closes: #347935
   * Debian specific fixes:
     - debian/rules:
       - switch to cdbs for package build

Added: trunk/debian/patches/484_su-p_preserve_PATH
===================================================================
--- trunk/debian/patches/484_su-p_preserve_PATH	2006-01-13 09:32:29 UTC (rev 787)
+++ trunk/debian/patches/484_su-p_preserve_PATH	2006-01-14 16:45:23 UTC (rev 788)
@@ -0,0 +1,31 @@
+Goal: preserve the environment when -p is used and su starts a shell
+Fixes: #347935
+
+When su -p started a shell, some environment variables were not preserved
+(e.g. PATH).
+
+Status wrt upstream: not reported yet.
+
+Note: On Linux, shell() doesn't provide anything. Just an execv would be
+simplier.
+
+Index: shadow-4.0.14/src/su.c
+===================================================================
+--- shadow-4.0.14.orig/src/su.c	2006-01-14 17:25:30.000000000 +0100
++++ shadow-4.0.14/src/su.c	2006-01-14 17:25:41.000000000 +0100
+@@ -186,8 +186,14 @@
+ 		pam_end (pamh, PAM_SUCCESS);
+ 
+ 		if (doshell)
++		{
++			/* shell do not use environ, but newenvp.
++			 * Maybe just a execv would be better?
++			 */
++			free(newenvp);
++			newenvp = environ;
+ 			shell (shellstr, (char *) args[0]);
+-		else
++		} else
+ 			(void) execv (shellstr, (char **) args);
+ 		{
+ 			int exit_status = (errno == ENOENT ? 127 : 126);

Modified: trunk/debian/patches/series
===================================================================
--- trunk/debian/patches/series	2006-01-13 09:32:29 UTC (rev 787)
+++ trunk/debian/patches/series	2006-01-14 16:45:23 UTC (rev 788)
@@ -47,6 +47,7 @@
 481_userdel_remove_remove_group
 482_libmisc_copydir_check_return_values
 483_su_fakelogin_wrong_arg0
+484_su-p_preserve_PATH
 # 999-2 is about using cdbs. It does not patch upstream files
 # so shouldn't be here, but we keep it for the future
 # 999-2_build_using_cdbs

More information about the Pkg-shadow-commits mailing list