Commit f7dbf15

committed
Merge branch 'PR/PATH-consolidate' of https://github.com/karelzak/util-linux-work
* 'PR/PATH-consolidate' of https://github.com/karelzak/util-linux-work: setpriv: follow /etc/login.defs for PATH su: use logindefs_setenv_path() login: use logindefs_setenv_path() logindefs: Add function to set PATH
2 parents 7d514ef + 3b2899a commit f7dbf15


8 files changed

+37
-35
lines changed

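--- a/include/logindefs.h
+++ b/include/logindefs.h
@@ -28,7 +28,10 @@ extern int getlogindefs_bool(const char *name, int dflt);
 extern unsigned long getlogindefs_num(const char *name, unsigned long dflt);
 extern const char *getlogindefs_str(const char *name, const char *dflt);
 extern void free_getlogindefs_data(void);
+
 extern int logindefs_setenv(const char *name, const char *conf, const char *dflt);
+extern int logindefs_setenv_path(uid_t uid);
+
 extern int effective_access(const char *path, int mode);
 extern int get_hushlogin_status(struct passwd *pwd, const char *override_home, int force_check);
 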

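--- a/lib/logindefs.c
+++ b/lib/logindefs.c
@@ -424,6 +424,22 @@ int logindefs_setenv(const char *name, const char *conf, const char *dflt)
 return val ? setenv(name, val, 1) : -1;
 }
 
+/*
+* logindefs based setenv("PATH")
+*/
+int logindefs_setenv_path(uid_t uid)
+{
+int rc = 0;
+
+if (uid)
+rc = logindefs_setenv("PATH", "ENV_PATH", _PATH_DEFPATH);
+
+else if ((rc = logindefs_setenv("PATH", "ENV_SUPATH", NULL)) != 0)
+rc = logindefs_setenv("PATH", "ENV_ROOTPATH", _PATH_DEFPATH_ROOT);
+
+return rc;
+}
+
 /*
 * We need to check the effective UID/GID. For example, $HOME could be on a
 * root-squashed NFS or on an NFS with UID mapping, and access(2) uses the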
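Review bot: The comment above `logindefs_setenv_path()` does not state the contract that login, su and setpriv all rely on after this commit. It should say that a non-zero uid takes `ENV_PATH` with `_PATH_DEFPATH` as the fallback, and that uid 0 takes `ENV_SUPATH` first and then `ENV_ROOTPATH` with `_PATH_DEFPATH_ROOT` as the fallback. Since the value read from login.defs becomes the PATH of the session being set up, the comment should also spell out the return value, for example `Returns 0 on success, non-zero if PATH could not be set; callers must check.`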

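--- a/login-utils/login.c
+++ b/login-utils/login.c
@@ -1214,14 +1214,8 @@ static void init_environ(struct login_context *cxt)
 xsetenv("USER", pwd->pw_name, 1);
 xsetenv("SHELL", pwd->pw_shell, 1);
 
-if (pwd->pw_uid) {
-if (logindefs_setenv("PATH", "ENV_PATH", _PATH_DEFPATH) != 0)
-err(EXIT_FAILURE, _("failed to set the %s environment variable"), "PATH");
-
-} else if (logindefs_setenv("PATH", "ENV_ROOTPATH", NULL) != 0 &&
-logindefs_setenv("PATH", "ENV_SUPATH", _PATH_DEFPATH_ROOT) != 0) {
-err(EXIT_FAILURE, _("failed to set the %s environment variable"), "PATH");
-}
+if (logindefs_setenv_path(pwd->pw_uid) != 0)
+err(EXIT_FAILURE, _("failed to set the PATH environment variable"));
 
 /* mailx will give a funny error msg if you forget this one */
 len = snprintf(tmp, sizeof(tmp), "%s/%s", _PATH_MAILDIR, pwd->pw_name);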
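Review bot: For uid 0 the new call changes which login.defs key wins in login: the removed lines tried `ENV_ROOTPATH` first and fell back to `ENV_SUPATH`, while `logindefs_setenv_path()` (added in lib/logindefs.c by this commit) tries `ENV_SUPATH` first and falls back to `ENV_ROOTPATH`. On a host whose login.defs sets both keys to different values, root's PATH after login will differ from what it was before the merge. If the new order is intended, it should be stated in the commit message and in login's documentation so administrators can audit their login.defs. If it is not intended, login needs to keep its own order. init_environ() starts and ends outside this hunk.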

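--- a/login-utils/su-common.c
+++ b/login-utils/su-common.c
@@ -675,22 +675,6 @@ static void create_watching_parent(struct su_context *su)
 exit(status);
 }
 
-static void setenv_path(const struct passwd *pw)
-{
-int rc;
-
-DBG(MISC, ul_debug("setting PATH"));
-
-if (pw->pw_uid)
-rc = logindefs_setenv("PATH", "ENV_PATH", _PATH_DEFPATH);
-
-else if ((rc = logindefs_setenv("PATH", "ENV_SUPATH", NULL)) != 0)
-rc = logindefs_setenv("PATH", "ENV_ROOTPATH", _PATH_DEFPATH_ROOT);
-
-if (rc)
-err(EXIT_FAILURE, _("failed to set the PATH environment variable"));
-}
-
 static void modify_environment(struct su_context *su, const char *shell)
 {
 const struct passwd *pw = su->pwd;
@@ -725,7 +709,8 @@ static void modify_environment(struct su_context *su, const char *shell)
 if (shell)
 xsetenv("SHELL", shell, 1);
 
-setenv_path(pw);
+if (logindefs_setenv_path(pw->pw_uid) != 0)
+err(EXIT_FAILURE, _("failed to set the PATH environment variable"));
 
 xsetenv("HOME", pw->pw_dir, 1);
 xsetenv("USER", pw->pw_name, 1);
@@ -742,8 +727,9 @@ static void modify_environment(struct su_context *su, const char *shell)
 if (shell)
 xsetenv("SHELL", shell, 1);
 
-if (getlogindefs_bool("ALWAYS_SET_PATH", 0))
-setenv_path(pw);
+if (getlogindefs_bool("ALWAYS_SET_PATH", 0)
+&& logindefs_setenv_path(pw->pw_uid) != 0)
+err(EXIT_FAILURE, _("failed to set the PATH environment variable"));
 
 if (pw->pw_uid) {
 xsetenv("USER", pw->pw_name, 1);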

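--- a/meson.build
+++ b/meson.build
@@ -2175,7 +2175,7 @@ exe = executable(
 'setpriv',
 setpriv_sources,
 include_directories : includes,
-link_with : [lib_common],
+link_with : [lib_common, logindefs_c],
 dependencies : [lib_cap_ng],
 install_dir : usrbin_exec_dir,
 install : opt,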

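--- a/sys-utils/Makemodule.am
+++ b/sys-utils/Makemodule.am
@@ -592,7 +592,8 @@ usrbin_exec_PROGRAMS += setpriv
 MANPAGES += sys-utils/setpriv.1
 dist_noinst_DATA += sys-utils/setpriv.1.adoc
 setpriv_SOURCES = sys-utils/setpriv.c \
-lib/caputils.c
+lib/caputils.c \
+lib/logindefs.c
 dist_noinst_HEADERS += sys-utils/setpriv-landlock.h
 if HAVE_LINUX_LANDLOCK_H
 setpriv_SOURCES += sys-utils/setpriv-landlock.c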

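--- a/sys-utils/setpriv.1.adoc
+++ b/sys-utils/setpriv.1.adoc
@@ -121,9 +121,12 @@ Load raw BPF seccomp filter code from a file.
 Filters can for example be created with *enosys*.
 
 *--reset-env*::
-Clears all the environment variables except *TERM*; initializes the environment variables *HOME*, *SHELL*, *USER*, *LOGNAME* according to the user's passwd entry; sets *PATH* to _/usr/local/bin:/bin:/usr/bin_ for a regular user and to _/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin_ for root.
+* clears all the environment variables except *TERM* environment variable
+* initializes the environment variables *HOME*, *SHELL*, *USER*, *LOGNAME* according to the user's passwd entry
+* the environment variable *SHELL* defaults to */bin/sh* if none is given in the user's passwd entry.
+* resets *PATH* senvironment variable according to setting in _/etc/login.defs_ (*ENV_PATH*, *ENV_SUPATH* or *ENV_ROOTPATH* variables), or defaults to _/usr/local/bin:/bin:/usr/bin_ for a regular user and to _/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin_ for root.
 +
-The environment variable *PATH* may be different on systems where _/bin_ and _/sbin_ are merged into _/usr_. The environment variable *SHELL* defaults to */bin/sh* if none is given in the user's passwd entry.
+The environment variable *PATH* may be different on systems where _/bin_ and _/sbin_ are merged into _/usr_.
 
 include::man-common/help-version.adoc[]
 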

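--- a/sys-utils/setpriv.c
+++ b/sys-utils/setpriv.c
@@ -46,6 +46,8 @@
 #include "setpriv-landlock.h"
 #include "seccomp.h"
 
+#include "logindefs.h"
+
 #ifndef PR_SET_NO_NEW_PRIVS
 # define PR_SET_NO_NEW_PRIVS 38
 #endif
@@ -746,10 +748,7 @@ static void do_reset_environ(struct passwd *pw)
 xsetenv("USER", pw->pw_name, 1);
 xsetenv("LOGNAME", pw->pw_name, 1);
 
-if (pw->pw_uid)
-xsetenv("PATH", _PATH_DEFPATH, 1);
-else
-xsetenv("PATH", _PATH_DEFPATH_ROOT, 1);
+logindefs_setenv_path(pw->pw_uid);
 }
 
 static uid_t get_user(const char *s, const char *err)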
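Review bot: The return value of `logindefs_setenv_path(pw->pw_uid)` is discarded in do_reset_environ(), while the login and su call sites in this same commit treat a non-zero result as fatal. The setpriv man page says --reset-env clears the environment, so a failure here would presumably hand the executed program an environment with no PATH at all; the clearing itself happens outside this hunk, so that part is inferred. The removed `xsetenv()` calls did not have this gap, as far as I know that helper exits on failure. Suggested: `if (logindefs_setenv_path(pw->pw_uid) != 0)` followed by `err(EXIT_FAILURE, _("failed to set the PATH environment variable"));`, with whichever exit code setpriv uses for its other failures.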
