* src/su.c: Fix handling of environment variables when

	the environment is not changed. In particular, this makes su
	behave as documented regarding PATH and IFS (i.e. they are reset)
	when -p is provided.

diff --git a/ChangeLog b/ChangeLog
index ebda98013ca9b555ab7f5aead7c9f5096ef0faaa..9d8adf860b78c0b58c8ce9e0fa23d7a128a69cc5 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2010-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+       * src/su.c: Fix handling of environment variables when
+       the environment is not changed. In particular, this makes su
+       behave as documented regarding PATH and IFS (i.e. they are reset)
+       when -p is provided.
+
 2010-08-28  Nicolas François  <nicolas.francois@centraliens.net>
 
        * man/su.1.xml: Fix typo.

diff --git a/src/su.c b/src/su.c
index e45702f9e0e1afaf521ccda747d608bfb1584657..bd4e9432fe056d8d207f4159f9b1af80b4094f41 100644 (file)
--- a/src/su.c
+++ b/src/su.c
@@ -933,13 +933,13 @@ int main (int argc, char **argv)
                exit (1);
        }
 
-       if (change_environment) {
-               /* we need to setup the environment *after* pam_open_session(),
-                * else the UID is changed before stuff like pam_xauth could
-                * run, and we cannot access /etc/shadow and co
-                */
-               environ = newenvp;      /* make new environment active */
+       /* we need to setup the environment *after* pam_open_session(),
+        * else the UID is changed before stuff like pam_xauth could
+        * run, and we cannot access /etc/shadow and co
+        */
+       environ = newenvp;      /* make new environment active */
 
+       if (change_environment) {
                /* update environment with all pam set variables */
                envcp = pam_getenvlist (pamh);
                if (NULL != envcp) {