In -i mode always set new environment based on the runas user's passwd entry.

diff --git a/env.c b/env.c
index 94bbf1e067b01dbf7118682e73735ce6c3439324..09a0403ce5b868c63dc7dbbd7f9b7363861fdf76 100644 (file)
--- a/env.c
+++ b/env.c
@@ -307,9 +307,9 @@ insert_env(str, dupcheck)
  * Also adds sudo-specific variables (SUDO_*).
  */
 char **
-rebuild_env(envp, reset_home, noexec)
+rebuild_env(envp, sudo_mode, noexec)
     char **envp;
-    int reset_home;
+    int sudo_mode;
     int noexec;
 {
     char **ep, *cp, *ps1;
@@ -383,17 +383,25 @@ rebuild_env(envp, reset_home, noexec)
        }
 
        /*
-        * Add in defaults unless they were preserved from the
-        * user's environment.
+        * Add in defaults.  In -i mode these come from the runas user,
+        * otherwise they may be from the user's environment (depends
+        * on sudoers options).
         */
-       if (!(didvar & DID_HOME))
-           insert_env(format_env("HOME", user_dir, VNULL), 0);
-       if (!(didvar & DID_SHELL))
-           insert_env(format_env("SHELL", sudo_user.pw->pw_shell, VNULL), 0);
-       if (!(didvar & DID_LOGNAME))
-           insert_env(format_env("LOGNAME", user_name, VNULL), 0);
-       if (!(didvar & DID_USER))
-           insert_env(format_env("USER", user_name, VNULL), 0);
+       if (sudo_mode & MODE_LOGIN_SHELL) {
+           insert_env(format_env("HOME", runas_pw->pw_dir, VNULL), 0);
+           insert_env(format_env("SHELL", runas_pw->pw_shell, VNULL), 0);
+           insert_env(format_env("LOGNAME", runas_pw->pw_name, VNULL), 0);
+           insert_env(format_env("USER", runas_pw->pw_name, VNULL), 0);
+       } else {
+           if (!(didvar & DID_HOME))
+               insert_env(format_env("HOME", user_dir, VNULL), 0);
+           if (!(didvar & DID_SHELL))
+               insert_env(format_env("SHELL", sudo_user.pw->pw_shell, VNULL), 0);
+           if (!(didvar & DID_LOGNAME))
+               insert_env(format_env("LOGNAME", user_name, VNULL), 0);
+           if (!(didvar & DID_USER))
+               insert_env(format_env("USER", user_name, VNULL), 0);
+       }
     } else {
        /*
         * Copy envp entries as long as they don't match env_delete or
@@ -462,7 +470,7 @@ rebuild_env(envp, reset_home, noexec)
     }
 
     /* Set $HOME for `sudo -H'.  Only valid at PERM_FULL_RUNAS. */
-    if (reset_home && runas_pw->pw_dir)
+    if ((sudo_mode & MODE_RESET_HOME) && runas_pw->pw_dir)
        insert_env(format_env("HOME", runas_pw->pw_dir, VNULL), 1);
 
     /*

diff --git a/sudo.c b/sudo.c
index 36802089eeec321ea57eda7c5f3bd70977799677..c514e39bf0503f55b4b990379a42957853b8813c 100644 (file)
--- a/sudo.c
+++ b/sudo.c
@@ -132,7 +132,7 @@ extern struct passwd *sudo_pwdup    __P((const struct passwd *));
  * Globals
  */
 int Argc, NewArgc;
-int sudo_mode;
+static int sudo_mode;
 char **Argv, **NewArgv;
 struct sudo_user sudo_user;
 struct passwd *auth_pw;
@@ -344,8 +344,7 @@ main(argc, argv, envp)
        check_user(validated & FLAG_CHECK_USER);
 
     /* Build up custom environment that avoids any nasty bits. */
-    new_environ = rebuild_env(envp, (sudo_mode & MODE_RESET_HOME),
-       (validated & FLAG_NOEXEC));
+    new_environ = rebuild_env(envp, sudo_mode, (validated & FLAG_NOEXEC));
 
     if (validated & VALIDATE_OK) {
        /* Finally tell the user if the command did not exist. */