8000 Merge branch 'PR/login-su-TERM' of https://github.com/karelzak/util-l… · util-linux/util-linux@7d514ef · GitHub
[go: up one dir, main page]
Skip to content

Commit 7d514ef

Browse files
karelzakkarelzak
committed
Merge branch 'PR/login-su-TERM' of https://github.com/karelzak/util-linux-work
* 'PR/login-su-TERM' of https://github.com/karelzak/util-linux-work: setpriv: protect COLORTERM and NO_COLOR env. variables su: protect COLORTERM and NO_COLOR env. variables login: protect COLORTERM and NO_COLOR env. variables
2 parents 36f9f45 + 71f6d70 commit 7d514ef

File tree

6 files changed

+18
-10
lines changed

6 files changed

+18
-10
lines changed

login-utils/login.1.adoc

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,9 @@ If password aging has been enabled for the account, the user may be prompted for
2828

2929
The user and group ID will be set according to their values in the _/etc/passwd_ file. There is one exception if the user ID is zero. In this case, only the primary group ID of the account is set. This should allow the system administrator to login even in case of network problems. The environment variable values for *$HOME*, *$USER*, *$SHELL*, *$PATH*, *$LOGNAME*, and *$MAIL* are set according to the appropriate fields in the password entry. *$PATH* defaults to _/usr/local/bin:/bin:/usr/bin_ for normal users, and to _/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin_ for root, if not otherwise configured.
3030

31-
The environment variable *$TERM* will be preserved, if it exists, else it will be initialized to the terminal type on your tty. Other environment variables are preserved if the *-p* option is given.
31+
The environment variable *$TERM* will be preserved, if it exists, else it will be initialized to the terminal type on your tty. The environment variables *$COLORTERM* and *$NO_COLOR* will be preserved if they exist.
32+
33+
Other environment variables are preserved if the *-p* option is given or if *LOGIN_ENV_SAFELIST* defined in _/etc/login.defs_ (see below).
3234

3335
The environment variables defined by PAM are always preserved.
3436

login-utils/login.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1194,6 +1194,8 @@ static void init_environ(struct login_context *cxt)
11941194
int len, i;
11951195

11961196
saved = env_list_add_getenv(NULL, "TERM", "dumb");
1197+
saved = env_list_add_getenv(saved, "COLORTERM", NULL);
1198+
saved = env_list_add_getenv(saved, "NO_COLOR", NULL);
11971199

11981200
/* destroy environment unless user has requested preservation (-p) */
11991201
if (!cxt->keep_env) {

login-utils/runuser.1.adoc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ Specify a supplementary group. This option is available to the root user only. T
4747
*-*, *-l*, *--login*::
4848
Start the shell as a login shell with an environment similar to a real login:
4949
+
50-
* clears all the environment variables except for *TERM* and variables specified by *--whitelist-environment*
50+
* clears all the environment variables except for *TERM*, *COLORTERM*, *NO_COLOR* and variables specified by *--whitelist-environment*
5151
* initializes the environment variables *HOME*, *SHELL*, *USER*, *LOGNAME*, and *PATH*
5252
* changes to the target user's home directory
5353
* sets argv[0] of the shell to '*-*' in order to make the shell a login shell

login-utils/su-common.c

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -704,8 +704,10 @@ static void modify_environment(struct su_context *su, const char *shell)
704704
* --whitelist-environment if specified.
705705
*/
706706
if (su->simulate_login) {
707-
/* leave TERM unchanged */
707+
/* leave unchanged */
708708
su->env_whitelist = env_list_add_getenv(su->env_whitelist, "TERM", NULL);
709+
su->env_whitelist = env_list_add_getenv(su->env_whitelist, "COLORTERM", NULL);
710+
su->env_whitelist = env_list_add_getenv(su->env_whitelist, "NO_COLOR", NULL);
709711

710712
/* Note that original su(1) has allocated environ[] by malloc
711713
* to the number of expected variables. This seems unnecessary

login-utils/su.1.adoc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@ PAM) from this point of view. You need to use tools like *systemd-run* or
5555
+
5656
*su* does:
5757
+
58-
* clears all the environment variables except *TERM* and variables specified by *--whitelist-environment*
58+
* clears all the environment variables except *TERM*, *COLORTERM*, *NO_COLOR* and variables specified by *--whitelist-environment*
5959
* initializes the environment variables *HOME*, *SHELL*, *USER*, *LOGNAME*, and *PATH*
6060
* changes to the target user's home directory
6161
* sets argv[0] of the shell to '*-*' in order to make the shell a login shell

sys-utils/setpriv.c

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -721,18 +721,20 @@ static void do_seccomp_filter(const char *file)
721721

722722
static void do_reset_environ(struct passwd *pw)
723723
{
724-
char *term = getenv("TERM");
724+
struct ul_env_list *saved;
725+
726+
saved = env_list_add_getenv(NULL, "TERM", NULL);
727+
saved = env_list_add_getenv(saved, "COLORTERM", NULL);
728+
saved = env_list_add_getenv(saved, "NO_COLOR", NULL);
725729

726-
if (term)
727-
term = xstrdup(term);
728730
#ifdef HAVE_CLEARENV
729731
clearenv();
730732
#else
731733
environ = NULL;
732734
#endif
733-
if (term) {
734-
xsetenv("TERM", term, 1);
735-
free(term);
735+
if (saved) {
736+
env_list_setenv(saved, 1);
737+
env_list_free(saved);
736738
}
737739

738740
if (pw->pw_shell && *pw->pw_shell)

0 commit comments

Comments
 (0)
0