Merge pull request #119 from mvo5/su-l
su.c: run pam_getenvlist() after setup_env
This commit is contained in:
commit
3c69af9ed3
35
src/su.c
35
src/su.c
@ -913,28 +913,8 @@ static void set_environment (struct passwd *pw)
|
||||
addenv ("IFS= \t\n", NULL); /* ... instead, set a safe IFS */
|
||||
}
|
||||
|
||||
#ifdef USE_PAM
|
||||
/* we need to setup the environment *after* pam_open_session(),
|
||||
* else the UID is changed before stuff like pam_xauth could
|
||||
* run, and we cannot access /etc/shadow and co
|
||||
*/
|
||||
environ = newenvp; /* make new environment active */
|
||||
|
||||
if (change_environment) {
|
||||
/* update environment with all pam set variables */
|
||||
char **envcp = pam_getenvlist (pamh);
|
||||
if (NULL != envcp) {
|
||||
while (NULL != *envcp) {
|
||||
addenv (*envcp, NULL);
|
||||
envcp++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#else /* !USE_PAM */
|
||||
environ = newenvp; /* make new environment active */
|
||||
#endif /* !USE_PAM */
|
||||
|
||||
if (change_environment) {
|
||||
if (fakelogin) {
|
||||
if (shellstr != pw->pw_shell) {
|
||||
@ -948,6 +928,21 @@ static void set_environment (struct passwd *pw)
|
||||
addenv ("LOGNAME", pw->pw_name);
|
||||
addenv ("SHELL", shellstr);
|
||||
}
|
||||
|
||||
#ifdef USE_PAM
|
||||
/* we need to setup the environment *after* pam_open_session(),
|
||||
* else the UID is changed before stuff like pam_xauth could
|
||||
* run, and we cannot access /etc/shadow and co
|
||||
*/
|
||||
/* update environment with all pam set variables */
|
||||
char **envcp = pam_getenvlist (pamh);
|
||||
if (NULL != envcp) {
|
||||
while (NULL != *envcp) {
|
||||
addenv (*envcp, NULL);
|
||||
envcp++;
|
||||
}
|
||||
}
|
||||
#endif /* !USE_PAM */
|
||||
}
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user