# ifndef LOGIN_DEFROOTCLASS
# define LOGIN_DEFROOTCLASS "daemon"
# endif
+# ifndef LOGIN_SETENV
+# define LOGIN_SETENV 0
+# endif
#endif
#ifdef HAVE_SELINUX
# include <selinux/selinux.h>
/* Insert system-wide environment variables. */
read_env_file(_PATH_ENVIRONMENT, true);
#endif
+#ifdef HAVE_LOGIN_CAP_H
+ /* Set environment based on login class. */
+ if (login_class) {
+ login_cap_t *lc = login_getclass(login_class);
+ if (lc != NULL) {
+ setusercontext(lc, runas_pw, runas_pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV);
+ login_close(lc);
+ }
+ }
+#endif /* HAVE_LOGIN_CAP_H */
}
/* Insert system-wide environment variables. */
#endif
#ifdef HAVE_LOGIN_CAP_H
# include <login_cap.h>
+# ifndef LOGIN_SETENV
+# define LOGIN_SETENV 0
+# endif
#endif
#ifdef HAVE_PROJECT_H
# include <project.h>
/*
* Swap in the plugin-supplied environment in case session init
- * modifies the environment. Also needed for LOGIN_SETENV.
- * This is kind of a hack.
+ * modifies the environment. This is kind of a hack.
*/
environ = details->envp;
if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
/* Set everything except user, group and login name. */
flags = LOGIN_SETALL;
- CLR(flags, LOGIN_SETGROUP|LOGIN_SETLOGIN|LOGIN_SETUSER);
+ CLR(flags, LOGIN_SETGROUP|LOGIN_SETLOGIN|LOGIN_SETUSER|LOGIN_SETENV|LOGIN_SETPATH);
CLR(details->flags, CD_SET_UMASK); /* LOGIN_UMASK instead */
} else {
flags = LOGIN_SETRESOURCES|LOGIN_SETPRIORITY;
projects / sudo / commitdiff