static const char *initial_keepenv_table[] = {
"COLORS",
"DISPLAY",
- "HOME",
"HOSTNAME",
"KRB5CCNAME",
"LS_COLORS",
char **old_envp, **ep, *cp, *ps1;
char idbuf[MAX_UID_T_LEN];
unsigned int didvar;
+ int reset_home = FALSE;
/*
* Either clean out the environment or reset to a safe default.
memset(env.envp, 0, env.env_size * sizeof(char *));
#endif
if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+ /* Reset HOME based on target user unless keeping old value. */
+ reset_home = TRUE;
+
/* Pull in vars we want to keep from the old environment. */
for (ep = old_envp; *ep; ep++) {
int keepit;
* on sudoers options).
*/
if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
- sudo_setenv("HOME", runas_pw->pw_dir, ISSET(didvar, DID_HOME));
sudo_setenv("SHELL", runas_pw->pw_shell, ISSET(didvar, DID_SHELL));
sudo_setenv("LOGNAME", runas_pw->pw_name,
ISSET(didvar, DID_LOGNAME));
sudo_setenv("USERNAME", runas_pw->pw_name,
ISSET(didvar, DID_USERNAME));
} else {
- if (!ISSET(didvar, DID_HOME))
- sudo_setenv("HOME", user_dir, FALSE);
if (!ISSET(didvar, DID_SHELL))
sudo_setenv("SHELL", sudo_user.pw->pw_shell, FALSE);
if (!ISSET(didvar, DID_LOGNAME))
sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
}
} else {
+ /* Reset HOME based on target user if configured to. */
+ if (ISSET(sudo_mode, MODE_RUN)) {
+ if (def_always_set_home || ISSET(sudo_mode, MODE_RESET_HOME) ||
+ (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
+ reset_home = TRUE;
+ }
+
/*
* Copy environ entries as long as they don't match env_delete or
* env_check.
}
/* Set $USER, $LOGNAME and $USERNAME to target if "set_logname" is true. */
- /* XXX - not needed for MODE_LOGIN_SHELL */
- if (def_set_logname && runas_pw->pw_name) {
+ if (def_set_logname && !ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
if (!ISSET(didvar, KEPT_LOGNAME))
sudo_setenv("LOGNAME", runas_pw->pw_name, TRUE);
if (!ISSET(didvar, KEPT_USER))
sudo_setenv("USERNAME", runas_pw->pw_name, TRUE);
}
- /* Set $HOME for `sudo -H'. Only valid at PERM_FULL_RUNAS. */
- /* XXX - not needed for MODE_LOGIN_SHELL */
- if (runas_pw->pw_dir) {
- if (ISSET(sudo_mode, MODE_RESET_HOME) ||
- (ISSET(sudo_mode, MODE_RUN) && (def_always_set_home ||
- (ISSET(sudo_mode, MODE_SHELL) && def_set_home))))
- sudo_setenv("HOME", runas_pw->pw_dir, TRUE);
- }
+ /* Set $HOME to target user if not preserving user's value. */
+ if (reset_home && !ISSET(didvar, KEPT_HOME))
+ sudo_setenv("HOME", runas_pw->pw_dir, ISSET(didvar, DID_HOME));
/* Provide default values for $TERM and $PATH if they are not set. */
if (!ISSET(didvar, DID_TERM))
-H The -\b-H\bH (_\bH_\bO_\bM_\bE) option sets the HOME environment variable to
the homedir of the target user (root by default) as
- specified in _\bp_\ba_\bs_\bs_\bw_\bd(4). By default, s\bsu\bud\bdo\bo does not modify
- HOME (see _\bs_\be_\bt_\b__\bh_\bo_\bm_\be and _\ba_\bl_\bw_\ba_\by_\bs_\b__\bs_\be_\bt_\b__\bh_\bo_\bm_\be in _\bs_\bu_\bd_\bo_\be_\br_\bs(4)).
+ specified in _\bp_\ba_\bs_\bs_\bw_\bd(4). The default handling of the HOME
+ environment variable depends on _\bs_\bu_\bd_\bo_\be_\br_\bs(4) settings. By
+ default, s\bsu\bud\bdo\bo will set HOME if _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt or _\ba_\bl_\bw_\ba_\by_\bs_\b__\bs_\be_\bt_\b__\bh_\bo_\bm_\be
+ are set, or if _\bs_\be_\bt_\b__\bh_\bo_\bm_\be is set and the -\b-s\bs option is
+ specified on the command line.
-h The -\b-h\bh (_\bh_\be_\bl_\bp) option causes s\bsu\bud\bdo\bo to print a usage message
and exit.
-i [command]
The -\b-i\bi (_\bs_\bi_\bm_\bu_\bl_\ba_\bt_\be _\bi_\bn_\bi_\bt_\bi_\ba_\bl _\bl_\bo_\bg_\bi_\bn) option runs the shell
- specified in the _\bp_\ba_\bs_\bs_\bw_\bd(4) entry of the target user as a
- login shell. This means that login-specific resource files
- such as .profile or .login will be read by the shell. If a
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ specified in the _\bp_\ba_\bs_\bs_\bw_\bd(4) entry of the target user as a
+ login shell. This means that login-specific resource files
+ such as .profile or .login will be read by the shell. If a
command is specified, it is passed to the shell for
execution. Otherwise, an interactive shell is executed.
s\bsu\bud\bdo\bo attempts to change to that user's home directory
-P The -\b-P\bP (_\bp_\br_\be_\bs_\be_\br_\bv_\be _\bg_\br_\bo_\bu_\bp _\bv_\be_\bc_\bt_\bo_\br) option causes s\bsu\bud\bdo\bo to
preserve the invoking user's group vector unaltered. By
- default, s\bsu\bud\bdo\bo will initialize the group vector to the list
- of groups the target user is in. The real and effective
- group IDs, however, are still set to match the target user.
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ default, s\bsu\bud\bdo\bo will initialize the group vector to the list
+ of groups the target user is in. The real and effective
+ group IDs, however, are still set to match the target user.
+
-p _\bp_\br_\bo_\bm_\bp_\bt The -\b-p\bp (_\bp_\br_\bo_\bm_\bp_\bt) option allows you to override the default
password prompt and use a custom one. The following
percent (`%') escapes are supported:
listed. Only root or a user with s\bsu\bud\bdo\bo ALL on the current
host may use this option.
- -u _\bu_\bs_\be_\br The -\b-u\bu (_\bu_\bs_\be_\br) option causes s\bsu\bud\bdo\bo to run the specified
- command as a user other than _\br_\bo_\bo_\bt. To specify a _\bu_\bi_\bd
- instead of a _\bu_\bs_\be_\br _\bn_\ba_\bm_\be, use _\b#_\bu_\bi_\bd. When running commands as
- a _\bu_\bi_\bd, many shells require that the '#' be escaped with a
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ -u _\bu_\bs_\be_\br The -\b-u\bu (_\bu_\bs_\be_\br) option causes s\bsu\bud\bdo\bo to run the specified
+ command as a user other than _\br_\bo_\bo_\bt. To specify a _\bu_\bi_\bd
+ instead of a _\bu_\bs_\be_\br _\bn_\ba_\bm_\be, use _\b#_\bu_\bi_\bd. When running commands as
+ a _\bu_\bi_\bd, many shells require that the '#' be escaped with a
backslash ('\'). Note that if the _\bt_\ba_\br_\bg_\be_\bt_\bp_\bw Defaults option
is set (see _\bs_\bu_\bd_\bo_\be_\br_\bs(4)) it is not possible to run commands
with a uid not listed in the password database.
default, the _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt _\bs_\bu_\bd_\bo_\be_\br_\bs option is enabled. This causes commands
to be executed with a minimal environment containing TERM, PATH, HOME,
SHELL, LOGNAME, USER and USERNAME in addition to variables from the
- invoking process permitted by the _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and _\be_\bn_\bv_\b__\bk_\be_\be_\bp _\bs_\bu_\bd_\bo_\be_\br_\bs
- options. There is effectively a whitelist for environment variables.
-
- If, however, the _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt option is disabled in _\bs_\bu_\bd_\bo_\be_\br_\bs, any variables
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ invoking process permitted by the _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and _\be_\bn_\bv_\b__\bk_\be_\be_\bp _\bs_\bu_\bd_\bo_\be_\br_\bs
+ options. There is effectively a whitelist for environment variables.
+
+ If, however, the _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt option is disabled in _\bs_\bu_\bd_\bo_\be_\br_\bs, any variables
not explicitly denied by the _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and _\be_\bn_\bv_\b__\bd_\be_\bl_\be_\bt_\be options are
inherited from the invoking process. In this case, _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and
_\be_\bn_\bv_\b__\bd_\be_\bl_\be_\bt_\be behave like a blacklist. Since it is not possible to
On systems where the boot time is available, s\bsu\bud\bdo\bo will also not honor
time stamps from before the machine booted.
- Since time stamp files live in the file system, they can outlive a
- user's login session. As a result, a user may be able to login, run a
- command with s\bsu\bud\bdo\bo after authenticating, logout, login again, and run
-
1.7.4 July 19, 2010 7
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ Since time stamp files live in the file system, they can outlive a
+ user's login session. As a result, a user may be able to login, run a
+ command with s\bsu\bud\bdo\bo after authenticating, logout, login again, and run
s\bsu\bud\bdo\bo without authenticating so long as the time stamp file's
modification time is within 5 minutes (or whatever the timeout is set
to in _\bs_\bu_\bd_\bo_\be_\br_\bs). When the _\bt_\bt_\by_\b__\bt_\bi_\bc_\bk_\be_\bt_\bs option is enabled in _\bs_\bu_\bd_\bo_\be_\br_\bs, the
MAIL In -\b-i\bi mode or when _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt is enabled in _\bs_\bu_\bd_\bo_\be_\br_\bs, set
to the mail spool of the target user
- HOME In -\b-s\bs or -\b-H\bH mode (or if sudo was configured with the
- --enable-shell-sets-home option), set to homedir of the
- target user
+ HOME Set to the home directory of the target user if -\b-i\bi or
+ -\b-H\bH are specified, _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt or _\ba_\bl_\bw_\ba_\by_\bs_\b__\bs_\be_\bt_\b__\bh_\bo_\bm_\be are set
+ in _\bs_\bu_\bd_\bo_\be_\br_\bs, or when the -\b-s\bs optino is specified and
+ _\bs_\be_\bt_\b__\bh_\bo_\bm_\be is set in _\bs_\bu_\bd_\bo_\be_\br_\bs
PATH Set to a sane value if the _\bs_\be_\bc_\bu_\br_\be_\b__\bp_\ba_\bt_\bh sudoers option
is set.
SUDO_GID Set to the group ID of the user who invoked sudo
- SUDO_PROMPT Used as the default password prompt
-
- SUDO_PS1 If set, PS1 will be set to its value for the program
- being run
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ SUDO_PROMPT Used as the default password prompt
+
+ SUDO_PS1 If set, PS1 will be set to its value for the program
+ being run
+
SUDO_UID Set to the user ID of the user who invoked sudo
SUDO_USER Set to the login of the user who invoked sudo
Note that this runs the commands in a sub-shell to make the cd and file
redirection work.
- $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
-
-S\bSE\bEE\bE A\bAL\bLS\bSO\bO
- _\bg_\br_\be_\bp(1), _\bs_\bu(1), _\bs_\bt_\ba_\bt(2), _\bl_\bo_\bg_\bi_\bn_\b__\bc_\ba_\bp(3), _\bp_\ba_\bs_\bs_\bw_\bd(4), _\bs_\bu_\bd_\bo_\be_\br_\bs(5),
-
1.7.4 July 19, 2010 9
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
+
+S\bSE\bEE\bE A\bAL\bLS\bSO\bO
+ _\bg_\br_\be_\bp(1), _\bs_\bu(1), _\bs_\bt_\ba_\bt(2), _\bl_\bo_\bg_\bi_\bn_\b__\bc_\ba_\bp(3), _\bp_\ba_\bs_\bs_\bw_\bd(4), _\bs_\bu_\bd_\bo_\be_\br_\bs(5),
_\bv_\bi_\bs_\bu_\bd_\bo(1m)
A\bAU\bUT\bTH\bHO\bOR\bRS\bS
-
-
-
-
1.7.4 July 19, 2010 10
projects / sudo / commitdiff