From: Todd C. Miller Date: Mon, 19 Jul 2010 16:50:59 +0000 (-0400) Subject: If env_reset is enabled, set the MAIL environment variable based X-Git-Tag: SUDO_1_8_0~362 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=69ecb345815d712358f23e3e3338073b631d93a1;p=sudo If env_reset is enabled, set the MAIL environment variable based on the target user unless MAIL is explicitly preserved in sudoers. --- diff --git a/WHATSNEW b/WHATSNEW index 7ad33ed2e..38e16b463 100644 --- a/WHATSNEW +++ b/WHATSNEW @@ -42,6 +42,10 @@ What's new in Sudo 1.7.4? more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1). + * If env_reset is enabled in sudoers (the default), sudo will now set + the MAIL environment variable based on the target user unless MAIL is + explicitly preserved in sudoers. Previously MAIL was passed unchanged. + What's new in Sudo 1.7.3? * Support for logging I/O for the command being run. diff --git a/aclocal.m4 b/aclocal.m4 index ebb654cd5..017c07531 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -109,7 +109,7 @@ if test -z "$timedir"; then for d in /var/db /var/lib /var/adm /usr/adm; do if test -d "$d"; then timedir="$d/sudo" - break; + break fi done fi 
@@ -327,6 +327,39 @@ AC_DEFUN(SUDO_APPEND_LIBPATH, [ fi ]) +dnl +dnl Determine the mail spool location +dnl NOTE: must be run *after* check for paths.h +dnl +AC_DEFUN(SUDO_MAILDIR, [ +maildir=no +if test X"$ac_cv_header_paths_h" = X"yes"; then +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT +#include +int main() {char *p = _PATH_MAILDIR;}], [])], [maildir=yes], []) +fi +if test $maildir = no; then + # Solaris has maillock.h which defines MAILDIR + AC_CHECK_HEADERS(maillock.h, [ + SUDO_DEFINE(_PATH_MAILDIR, MAILDIR) + maildir=yes + ]) + if test $maildir = no; then + for d in /var/mail /var/spool/mail /usr/spool/mail; do + if test -d "$d"; then + maildir=yes + SUDO_DEFINE_UNQUOTED(_PATH_MAILDIR, "$d") + break + fi + done + if test $maildir = no; then + # unable to find mail dir, hope for the best + SUDO_DEFINE_UNQUOTED(_PATH_MAILDIR, "/var/mail") + fi + fi +fi +]) + dnl dnl private versions of AC_DEFINE and AC_DEFINE_UNQUOTED that don't support dnl tracing that we use to define paths for pathnames.h so autoheader doesn't diff --git a/config.h.in b/config.h.in index ce43f925a..8e2ed6eb3 100644 --- a/config.h.in +++ b/config.h.in @@ -316,6 +316,9 @@ /* Define to 1 if you have the `lrand48' function. */ #undef HAVE_LRAND48 +/* Define to 1 if you have the header file. */ +#undef HAVE_MAILLOCK_H + /* Define to 1 if you have the header file. */ #undef HAVE_MALLOC_H diff --git a/configure b/configure index a3929a4bb..186491252 100755 --- a/configure +++ b/configure 
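Review bot: The header probe at the top of `SUDO_MAILDIR` cannot succeed as written, because the prologue argument of `AC_LANG_PROGRAM` already contains `int main() {char *p = _PATH_MAILDIR;}` and autoconf then appends its own `main ()`. The regenerated `configure` hunk shows both definitions in the same conftest, so the test program fails to compile whether or not `_PATH_MAILDIR` is defined. `maildir` therefore stays `no`, and the macro always falls through to the `maillock.h` check and the `test -d` probe of the build host's directories. Keeping only the includes in the prologue and moving the statement into the body argument, `[char *p = _PATH_MAILDIR;]`, would let the probe actually detect the system definition.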
@@ -13845,6 +13845,68 @@ $as_echo "$ac_cv_sys_posix_termios" >&6; } if test "$ac_cv_sys_posix_termios" != "yes"; then as_fn_error "Must have POSIX termios to build sudo" "$LINENO" 5 fi + +maildir=no +if test X"$ac_cv_header_paths_h" = X"yes"; then +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +#include +int main() {char *p = _PATH_MAILDIR;} +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + maildir=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +if test $maildir = no; then + # Solaris has maillock.h which defines MAILDIR + for ac_header in maillock.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "maillock.h" "ac_cv_header_maillock_h" "$ac_includes_default" +if test "x$ac_cv_header_maillock_h" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_MAILLOCK_H 1 +_ACEOF + + cat >>confdefs.h <<\EOF +#define _PATH_MAILDIR MAILDIR +EOF + + maildir=yes + +fi + +done + + if test $maildir = no; then + for d in /var/mail /var/spool/mail /usr/spool/mail; do + if test -d "$d"; then + maildir=yes + cat >>confdefs.h <>confdefs.h < (sudoedit) mode if neither C nor C is set +=item C + +In B<-i> mode or when I is enabled in I, set +to the mail spool of the target user + =item C In B<-i>, B<-s> or B<-H> mode (or if sudo was configured with the diff --git a/doc/sudoers.cat b/doc/sudoers.cat index 70f7c2d97..ef40f7de8 100644 --- a/doc/sudoers.cat +++ b/doc/sudoers.cat @@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN -1.8.0b1 July 16, 2010 1 +1.8.0b1 July 19, 2010 1 
@@ -80,9 +80,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) By default, the _e_n_v___r_e_s_e_t option is enabled. This causes commands to be executed with a minimal environment containing TERM, PATH, HOME, - SHELL, LOGNAME, USER and USERNAME in addition to variables from the - invoking process permitted by the _e_n_v___c_h_e_c_k and _e_n_v___k_e_e_p options. This - is effectively a whitelist for environment variables. + MAIL, SHELL, LOGNAME, USER and USERNAME in addition to variables from + the invoking process permitted by the _e_n_v___c_h_e_c_k and _e_n_v___k_e_e_p options. + This is effectively a whitelist for environment variables. If, however, the _e_n_v___r_e_s_e_t option is disabled, any variables not explicitly denied by the _e_n_v___c_h_e_c_k and _e_n_v___d_e_l_e_t_e options are inherited @@ -107,8 +107,8 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) As a special case, If ssuuddoo's --ii option (initial login) is specified, _s_u_d_o_e_r_s will initialize the environment regardless of the value of _e_n_v___r_e_s_e_t. The _D_I_S_P_L_A_Y, _P_A_T_H and _T_E_R_M variables remain unchanged; - _H_O_M_E, _S_H_E_L_L, _U_S_E_R, and _L_O_G_N_A_M_E are set based on the target user. On - Linux and AIX systems the contents of _/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t are also + _H_O_M_E, _M_A_I_L, _S_H_E_L_L, _U_S_E_R, and _L_O_G_N_A_M_E are set based on the target user. + On Linux and AIX systems the contents of _/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t are also included. All other environment variables are removed. SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT @@ -127,7 +127,7 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT -1.8.0b1 July 16, 2010 2 +1.8.0b1 July 19, 2010 2 @@ -193,7 +193,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 3 +1.8.0b1 July 19, 2010 3 @@ -259,7 +259,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 4 +1.8.0b1 July 19, 2010 4 
@@ -325,7 +325,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 5 +1.8.0b1 July 19, 2010 5 @@ -391,7 +391,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 6 +1.8.0b1 July 19, 2010 6 @@ -457,7 +457,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 7 +1.8.0b1 July 19, 2010 7 @@ -523,7 +523,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 8 +1.8.0b1 July 19, 2010 8 @@ -589,7 +589,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 9 +1.8.0b1 July 19, 2010 9 @@ -655,7 +655,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 10 +1.8.0b1 July 19, 2010 10 @@ -721,7 +721,7 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS -1.8.0b1 July 16, 2010 11 +1.8.0b1 July 19, 2010 11 @@ -752,7 +752,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) specified in editor. This flag is _o_f_f by default. env_reset If set, ssuuddoo will reset the environment to only contain - the LOGNAME, SHELL, USER, USERNAME and the SUDO_* + the LOGNAME, MAIL, SHELL, USER, USERNAME and the SUDO_* variables. Any variables in the caller's environment that match the env_keep and env_check lists are then added. The default contents of the env_keep and @@ -787,7 +787,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 12 +1.8.0b1 July 19, 2010 12 @@ -853,7 +853,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 13 +1.8.0b1 July 19, 2010 13 @@ -919,7 +919,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 14 +1.8.0b1 July 19, 2010 14 @@ -985,7 +985,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 15 +1.8.0b1 July 19, 2010 15 @@ -1051,7 +1051,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 16 +1.8.0b1 July 19, 2010 16 @@ -1117,7 +1117,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 17 +1.8.0b1 July 19, 2010 17 
@@ -1183,7 +1183,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 18 +1.8.0b1 July 19, 2010 18 @@ -1249,7 +1249,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 19 +1.8.0b1 July 19, 2010 19 @@ -1315,7 +1315,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 20 +1.8.0b1 July 19, 2010 20 @@ -1381,7 +1381,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 21 +1.8.0b1 July 19, 2010 21 @@ -1447,7 +1447,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 22 +1.8.0b1 July 19, 2010 22 @@ -1513,7 +1513,7 @@ EEXXAAMMPPLLEESS -1.8.0b1 July 16, 2010 23 +1.8.0b1 July 19, 2010 23 @@ -1579,7 +1579,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 24 +1.8.0b1 July 19, 2010 24 @@ -1645,7 +1645,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0b1 July 16, 2010 25 +1.8.0b1 July 19, 2010 25 @@ -1711,7 +1711,7 @@ SSEECCUURRIITTYY NNOOTTEESS -1.8.0b1 July 16, 2010 26 +1.8.0b1 July 19, 2010 26 @@ -1777,7 +1777,7 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS -1.8.0b1 July 16, 2010 27 +1.8.0b1 July 19, 2010 27 @@ -1843,7 +1843,7 @@ SSEECCUURRIITTYY NNOOTTEESS -1.8.0b1 July 16, 2010 28 +1.8.0b1 July 19, 2010 28 @@ -1909,6 +1909,6 @@ DDIISSCCLLAAIIMMEERR -1.8.0b1 July 16, 2010 29 +1.8.0b1 July 19, 2010 29 diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in index ccd8e44f3..054c833ec 100644 --- a/doc/sudoers.man.in +++ b/doc/sudoers.man.in @@ -148,7 +148,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS @mansectform@" -.TH SUDOERS @mansectform@ "July 16, 2010" "1.8.0b1" "MAINTENANCE COMMANDS" +.TH SUDOERS @mansectform@ "July 19, 2010" "1.8.0b1" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l 
@@ -219,7 +219,7 @@ distinct ways \fIsudoers\fR can deal with environment variables. .PP By default, the \fIenv_reset\fR option is enabled. This causes commands to be executed with a minimal environment containing \f(CW\*(C`TERM\*(C'\fR, -\&\f(CW\*(C`PATH\*(C'\fR, \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`SHELL\*(C'\fR, \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR and \f(CW\*(C`USERNAME\*(C'\fR in +\&\f(CW\*(C`PATH\*(C'\fR, \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`MAIL\*(C'\fR, \f(CW\*(C`SHELL\*(C'\fR, \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR and \f(CW\*(C`USERNAME\*(C'\fR in addition to variables from the invoking process permitted by the \&\fIenv_check\fR and \fIenv_keep\fR options. This is effectively a whitelist for environment variables. @@ -247,10 +247,10 @@ and, as such, it is not possible for \fBsudo\fR to preserve them. As a special case, If \fBsudo\fR's \fB\-i\fR option (initial login) is specified, \fIsudoers\fR will initialize the environment regardless of the value of \fIenv_reset\fR. The \fI\s-1DISPLAY\s0\fR, \fI\s-1PATH\s0\fR and \fI\s-1TERM\s0\fR -variables remain unchanged; \fI\s-1HOME\s0\fR, \fI\s-1SHELL\s0\fR, \fI\s-1USER\s0\fR, and \fI\s-1LOGNAME\s0\fR -are set based on the target user. On Linux and \s-1AIX\s0 systems the -contents of \fI/etc/environment\fR are also included. All other -environment variables are removed. +variables remain unchanged; \fI\s-1HOME\s0\fR, \fI\s-1MAIL\s0\fR, \fI\s-1SHELL\s0\fR, \fI\s-1USER\s0\fR, +and \fI\s-1LOGNAME\s0\fR are set based on the target user. On Linux and \s-1AIX\s0 +systems the contents of \fI/etc/environment\fR are also included. All +other environment variables are removed. .SH "SUDOERS FILE FORMAT" .IX Header "SUDOERS FILE FORMAT" The \fIsudoers\fR file is composed of two types of entries: aliases 
@@ -861,7 +861,7 @@ default. .IP "env_reset" 16 .IX Item "env_reset" If set, \fBsudo\fR will reset the environment to only contain the -\&\s-1LOGNAME\s0, \s-1SHELL\s0, \s-1USER\s0, \s-1USERNAME\s0 and the \f(CW\*(C`SUDO_*\*(C'\fR variables. Any +\&\s-1LOGNAME\s0, \s-1MAIL\s0, \s-1SHELL\s0, \s-1USER\s0, \s-1USERNAME\s0 and the \f(CW\*(C`SUDO_*\*(C'\fR variables. Any variables in the caller's environment that match the \f(CW\*(C`env_keep\*(C'\fR and \f(CW\*(C`env_check\*(C'\fR lists are then added. The default contents of the \&\f(CW\*(C`env_keep\*(C'\fR and \f(CW\*(C`env_check\*(C'\fR lists are displayed when \fBsudo\fR is diff --git a/doc/sudoers.pod b/doc/sudoers.pod index 2effd8095..69fbdcd70 100644 --- a/doc/sudoers.pod +++ b/doc/sudoers.pod @@ -90,7 +90,7 @@ distinct ways I can deal with environment variables. By default, the I option is enabled. This causes commands to be executed with a minimal environment containing C, -C, C, C, C, C and C in +C, C, C, C, C, C and C in addition to variables from the invoking process permitted by the I and I options. This is effectively a whitelist for environment variables. @@ -118,10 +118,10 @@ and, as such, it is not possible for B to preserve them. As a special case, If B's B<-i> option (initial login) is specified, I will initialize the environment regardless of the value of I. The I, I and I -variables remain unchanged; I, I, I, and I -are set based on the target user. On Linux and AIX systems the -contents of F are also included. All other -environment variables are removed. +variables remain unchanged; I, I, I, I, +and I are set based on the target user. On Linux and AIX +systems the contents of F are also included. All +other environment variables are removed. =head1 SUDOERS FILE FORMAT 
@@ -727,7 +727,7 @@ default. =item env_reset If set, B will reset the environment to only contain the -LOGNAME, SHELL, USER, USERNAME and the C variables. Any +LOGNAME, MAIL, SHELL, USER, USERNAME and the C variables. Any variables in the caller's environment that match the C and C lists are then added. The default contents of the C and C lists are displayed when B is diff --git a/pathnames.h.in b/pathnames.h.in index 4e6cc078d..f624325c7 100644 --- a/pathnames.h.in +++ b/pathnames.h.in @@ -133,6 +133,10 @@ #define _PATH_USRTMP "/usr/tmp/" #endif /* _PATH_USRTMP */ +#ifndef _PATH_MAILDIR +#undef _PATH_MAILDIR +#endif /* _PATH_MAILDIR */ + #ifndef _PATH_SUDO_SESH #undef _PATH_SUDO_SESH #endif /* _PATH_SUDO_SESH */ diff --git a/plugins/sudoers/env.c b/plugins/sudoers/env.c index c7562590c..3d97953aa 100644 --- a/plugins/sudoers/env.c +++ b/plugins/sudoers/env.c @@ -65,6 +65,8 @@ #define DID_USER 0x0020 #undef DID_USERNAME #define DID_USERNAME 0x0040 +#undef DID_MAIL +#define DID_MAIL 0x0080 #undef DID_MAX #define DID_MAX 0x00ff @@ -82,6 +84,8 @@ #define KEPT_USER 0x2000 #undef KEPT_USERNAME #define KEPT_USERNAME 0x4000 +#undef KEPT_MAIL +#define KEPT_MAIL 0x8000 #undef KEPT_MAX #define KEPT_MAX 0xff00 @@ -192,7 +196,6 @@ static const char *initial_keepenv_table[] = { "HOSTNAME", "KRB5CCNAME", "LS_COLORS", - "MAIL", "PATH", "PS1", "PS2", @@ -460,6 +463,10 @@ rebuild_env(int noexec) if (strncmp(*ep, "LOGNAME=", 8) == 0) SET(didvar, DID_LOGNAME); break; + case 'M': + if (strncmp(*ep, "MAIL=", 5) == 0) + SET(didvar, DID_MAIL); + break; case 'P': if (strncmp(*ep, "PATH=", 5) == 0) SET(didvar, DID_PATH); 
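Review bot: `DID_MAIL` (0x0080) takes the highest bit under `DID_MAX` (0x00ff), and `KEPT_MAIL` (0x8000) in the following hunk takes the highest bit under `KEPT_MAX` (0xff00). Assuming the lower bits are already assigned above the hunk, the next tracked variable will not fit without widening both masks. A short comment above the block would prevent a silent bit collision later, for example `/* DID_* and KEPT_* each use all 8 bits; widen DID_MAX/KEPT_MAX before adding another. */`.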
@@ -509,6 +516,18 @@ rebuild_env(int noexec)
 if (!ISSET(didvar, DID_USERNAME))
 sudo_setenv("USERNAME", user_name, FALSE);
 }
+ /*
+ * Set MAIL to target user in -i mode or if MAIL is not preserved
+ * from user's environment.
+ */
+ if (ISSET(sudo_mode, MODE_LOGIN_SHELL) || !ISSET(didvar, KEPT_MAIL)) {
+ cp = _PATH_MAILDIR;
+ if (cp[sizeof(_PATH_MAILDIR) - 2] == '/')
+ easprintf(&cp, "MAIL=%s%s", _PATH_MAILDIR, runas_pw->pw_name);
+ else
+ easprintf(&cp, "MAIL=%s/%s", _PATH_MAILDIR, runas_pw->pw_name);
+ sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
+ }
 } else {
 /*
 * Copy environ entries as long as they don't match env_delete or
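Review bot: The trailing-slash test `cp[sizeof(_PATH_MAILDIR) - 2] == '/'` in the new MAIL block is only correct when `_PATH_MAILDIR` expands to a non-empty string literal. On the `maillock.h` path configure defines it as `MAILDIR`, whose form sudo does not control: if that is not a literal, `sizeof` yields a pointer size, and an empty string makes the index wrap out of bounds. No hunk visible here adds an include of `maillock.h` to env.c, so that configuration may not compile at all, which is worth confirming. Measuring the length at run time avoids the literal assumption, e.g. `len = strlen(_PATH_MAILDIR);` followed by `if (len > 0 && _PATH_MAILDIR[len - 1] == '/')`. The body of rebuild_env starts and ends outside this hunk.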