From: Todd C. Miller Date: Mon, 19 Jul 2010 15:08:09 +0000 (-0400) Subject: If env_reset is enabled, set the MAIL environment variable based X-Git-Tag: SUDO_1_7_4~62 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ab29f9d8bd47ec7f46eaafa34117ee4c132043ae;p=sudo If env_reset is enabled, set the MAIL environment variable based on the target user unless MAIL is explicitly preserved in sudoers. --HG-- branch : 1.7 --- diff --git a/WHATSNEW b/WHATSNEW index 91c0938b1..2894f70ea 100644 --- a/WHATSNEW +++ b/WHATSNEW @@ -34,6 +34,10 @@ What's new in Sudo 1.7.4? more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1). + * If env_reset is enabled in sudoers (the default), sudo will now set + the MAIL environment variable based on the target user unless MAIL is + explicitly preserved in sudoers. Previously MAIL was passed unchanged. + What's new in Sudo 1.7.3? * Support for logging I/O for the command being run. diff --git a/aclocal.m4 b/aclocal.m4 index 9e6eca8c0..5bbb4ac13 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -109,7 +109,7 @@ if test -z "$timedir"; then for d in /var/db /var/lib /var/adm /usr/adm; do if test -d "$d"; then timedir="$d/sudo" - break; + break fi done fi 
@@ -345,6 +345,39 @@ AC_DEFUN(SUDO_APPEND_LIBPATH, [ fi ]) +dnl +dnl Determine the mail spool location +dnl NOTE: must be run *after* check for paths.h +dnl +AC_DEFUN(SUDO_MAILDIR, [ +maildir=no +if test X"$ac_cv_header_paths_h" = X"yes"; then +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT +#include +int main() {char *p = _PATH_MAILDIR;}], [])], [maildir=yes], []) +fi +if test $maildir = no; then + # Solaris has maillock.h which defines MAILDIR + AC_CHECK_HEADERS(maillock.h, [ + SUDO_DEFINE(_PATH_MAILDIR, MAILDIR) + maildir=yes + ]) + if test $maildir = no; then + for d in /var/mail /var/spool/mail /usr/spool/mail; do + if test -d "$d"; then + maildir=yes + SUDO_DEFINE_UNQUOTED(_PATH_MAILDIR, "$d") + break + fi + done + if test $maildir = no; then + # unable to find mail dir, hope for the best + SUDO_DEFINE_UNQUOTED(_PATH_MAILDIR, "/var/mail") + fi + fi +fi +]) + dnl dnl private versions of AC_DEFINE and AC_DEFINE_UNQUOTED that don't support dnl tracing that we use to define paths for pathnames.h so autoheader doesn't diff --git a/config.h.in b/config.h.in index eeb444f06..39bd71fd9 100644 --- a/config.h.in +++ b/config.h.in @@ -316,6 +316,9 @@ /* Define to 1 if you have the `lrand48' function. */ #undef HAVE_LRAND48 +/* Define to 1 if you have the header file. */ +#undef HAVE_MAILLOCK_H + /* Define to 1 if you have the header file. */ #undef HAVE_MALLOC_H diff --git a/configure b/configure index 2aeae81bb..0707115ce 100755 --- a/configure +++ b/configure 
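Review bot: The compile test in SUDO_MAILDIR can never succeed, because `int main() {char *p = _PATH_MAILDIR;}` sits in the prologue argument of AC_LANG_PROGRAM, which then emits its own `main`; the generated configure text further down this page shows both definitions in one conftest file. As written, `maildir` stays `no` even when paths.h provides `_PATH_MAILDIR`, so the macro always falls through to the maillock.h check and the `test -d` loop. End the prologue after the `#include` line and pass the declaration as the body argument, `[char *p = _PATH_MAILDIR;]`, so only the generated `main` is defined. The `test -d` fallback also takes the spool path from the build host's filesystem, and the env.c change on this page formats that path into MAIL for the target user. A comment such as `# NOTE: this probes the build host, which may differ from the host sudo runs on` above the loop would make that visible.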
@@ -13873,6 +13873,68 @@ fi done fi + +maildir=no +if test X"$ac_cv_header_paths_h" = X"yes"; then +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +#include +int main() {char *p = _PATH_MAILDIR;} +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + maildir=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +if test $maildir = no; then + # Solaris has maillock.h which defines MAILDIR + for ac_header in maillock.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "maillock.h" "ac_cv_header_maillock_h" "$ac_includes_default" +if test "x$ac_cv_header_maillock_h" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_MAILLOCK_H 1 +_ACEOF + + cat >>confdefs.h <<\EOF +#define _PATH_MAILDIR MAILDIR +EOF + + maildir=yes + +fi + +done + + if test $maildir = no; then + for d in /var/mail /var/spool/mail /usr/spool/mail; do + if test -d "$d"; then + maildir=yes + cat >>confdefs.h <>confdefs.h <pw_name); + else + easprintf(&cp, "MAIL=%s/%s", _PATH_MAILDIR, runas_pw->pw_name); + sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE); + } } else { /* * Copy environ entries as long as they don't match env_delete or diff --git a/pathnames.h.in b/pathnames.h.in index b3bd537ed..c1d4e9ab6 100644 --- a/pathnames.h.in +++ b/pathnames.h.in @@ -122,6 +122,10 @@ #define _PATH_USRTMP "/usr/tmp/" #endif /* _PATH_USRTMP */ +#ifndef _PATH_MAILDIR +#undef _PATH_MAILDIR +#endif /* _PATH_MAILDIR */ + #ifndef _PATH_SUDO_SESH #undef _PATH_SUDO_SESH #endif /* _PATH_SUDO_SESH */ diff --git a/sudo.cat b/sudo.cat index 951b18278..b9c6a0c88 100644 --- a/sudo.cat +++ b/sudo.cat @@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN -1.7.4 July 14, 2010 1 +1.7.4 July 19, 2010 1 @@ -127,7 +127,7 @@ OOPPTTIIOONNSS -1.7.4 July 14, 2010 2 +1.7.4 July 19, 2010 2 @@ -193,7 +193,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.7.4 July 14, 2010 3 +1.7.4 July 19, 2010 3 
@@ -207,7 +207,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) ssuuddoo attempts to change to that user's home directory before running the shell. It also initializes the environment, leaving _D_I_S_P_L_A_Y and _T_E_R_M unchanged, setting - _H_O_M_E, _S_H_E_L_L, _U_S_E_R, _L_O_G_N_A_M_E, and _P_A_T_H, as well as the + _H_O_M_E, _M_A_I_L, _S_H_E_L_L, _U_S_E_R, _L_O_G_N_A_M_E, and _P_A_T_H, as well as the contents of _/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t on Linux and AIX systems. All other environment variables are removed. @@ -259,7 +259,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.7.4 July 14, 2010 4 +1.7.4 July 19, 2010 4 @@ -325,7 +325,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.7.4 July 14, 2010 5 +1.7.4 July 19, 2010 5 @@ -391,7 +391,7 @@ SSEECCUURRIITTYY NNOOTTEESS -1.7.4 July 14, 2010 6 +1.7.4 July 19, 2010 6 @@ -457,7 +457,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.7.4 July 14, 2010 7 +1.7.4 July 19, 2010 7 @@ -494,6 +494,9 @@ EENNVVIIRROONNMMEENNTT EDITOR Default editor to use in --ee (sudoedit) mode if neither SUDO_EDITOR nor VISUAL is set + MAIL In --ii mode or when _e_n_v___r_e_s_e_t is enabled in _s_u_d_o_e_r_s, set + to the mail spool of the target user + HOME In --ss or --HH mode (or if sudo was configured with the --enable-shell-sets-home option), set to homedir of the target user @@ -518,12 +521,9 @@ EENNVVIIRROONNMMEENNTT SUDO_PS1 If set, PS1 will be set to its value for the program being run - SUDO_UID Set to the user ID of the user who invoked sudo - - -1.7.4 July 14, 2010 8 +1.7.4 July 19, 2010 8 @@ -532,6 +532,8 @@ EENNVVIIRROONNMMEENNTT SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + SUDO_UID Set to the user ID of the user who invoked sudo + SUDO_USER Set to the login of the user who invoked sudo USER Set to the target user (root unless the --uu option is 
@@ -584,12 +586,10 @@ EEXXAAMMPPLLEESS SSEEEE AALLSSOO _g_r_e_p(1), _s_u(1), _s_t_a_t(2), _l_o_g_i_n___c_a_p(3), _p_a_s_s_w_d(4), _s_u_d_o_e_r_s(5), - _v_i_s_u_d_o(1m) - -1.7.4 July 14, 2010 9 +1.7.4 July 19, 2010 9 @@ -598,6 +598,8 @@ SSEEEE AALLSSOO SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + _v_i_s_u_d_o(1m) + AAUUTTHHOORRSS Many people have worked on ssuuddoo over the years; this version consists of code written primarily by: @@ -653,8 +655,6 @@ DDIISSCCLLAAIIMMEERR - - -1.7.4 July 14, 2010 10 +1.7.4 July 19, 2010 10 diff --git a/sudo.man.in b/sudo.man.in index e58aa1d60..1ffea70e0 100644 --- a/sudo.man.in +++ b/sudo.man.in @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "July 14, 2010" "1.7.4" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "July 19, 2010" "1.7.4" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -347,7 +347,7 @@ it is passed to the shell for execution. Otherwise, an interactive shell is executed. \fBsudo\fR attempts to change to that user's home directory before running the shell. It also initializes the environment, leaving \fI\s-1DISPLAY\s0\fR and \fI\s-1TERM\s0\fR unchanged, setting -\&\fI\s-1HOME\s0\fR, \fI\s-1SHELL\s0\fR, \fI\s-1USER\s0\fR, \fI\s-1LOGNAME\s0\fR, and \fI\s-1PATH\s0\fR, as well as +\&\fI\s-1HOME\s0\fR, \fI\s-1MAIL\s0\fR, \fI\s-1SHELL\s0\fR, \fI\s-1USER\s0\fR, \fI\s-1LOGNAME\s0\fR, and \fI\s-1PATH\s0\fR, as well as the contents of \fI/etc/environment\fR on Linux and \s-1AIX\s0 systems. All other environment variables are removed. .IP "\-K" 12 
@@ -615,6 +615,11 @@ information, please see the \f(CW\*(C`PREVENTING SHELL ESCAPES\*(C'\fR section i .IX Item "EDITOR" Default editor to use in \fB\-e\fR (sudoedit) mode if neither \f(CW\*(C`SUDO_EDITOR\*(C'\fR nor \f(CW\*(C`VISUAL\*(C'\fR is set +.ie n .IP "\*(C`MAIL\*(C'" 16 +.el .IP "\f(CW\*(C`MAIL\*(C'\fR" 16 +.IX Item "MAIL" +In \fB\-i\fR mode or when \fIenv_reset\fR is enabled in \fIsudoers\fR, set +to the mail spool of the target user .ie n .IP "\*(C`HOME\*(C'" 16 .el .IP "\f(CW\*(C`HOME\*(C'\fR" 16 .IX Item "HOME" diff --git a/sudo.pod b/sudo.pod index 889ef7ebd..c2426a0d8 100644 --- a/sudo.pod +++ b/sudo.pod @@ -230,7 +230,7 @@ it is passed to the shell for execution. Otherwise, an interactive shell is executed. B attempts to change to that user's home directory before running the shell. It also initializes the environment, leaving I and I unchanged, setting -I, I, I, I, and I, as well as +I, I, I, I, I, and I, as well as the contents of F on Linux and AIX systems. All other environment variables are removed. @@ -519,6 +519,11 @@ B utilizes the following environment variables: Default editor to use in B<-e> (sudoedit) mode if neither C nor C is set +=item C + +In B<-i> mode or when I is enabled in I, set +to the mail spool of the target user + =item C In B<-s> or B<-H> mode (or if sudo was configured with the