From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 15 Jan 2002 23:43:59 +0000 (+0000)
Subject: The SHELL environment variable was preserved from the user's
X-Git-Tag: SUDO_1_6_5~13
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ea24bef19cfe5a72ab28bf977e9f003aa3a2392b;p=sudo

The SHELL environment variable was preserved from the user's
environment instead of being reset based on the passwd database
when the "env_reset" option was used.  Now it is reset as it should be.
---

diff --git a/env.c b/env.c
index b6e035aff..42f2ce0fa 100644
--- a/env.c
+++ b/env.c
@@ -341,7 +341,7 @@ rebuild_env(sudo_mode, envp)
 	if (!(didvar & DID_HOME))
 	    *nep++ = format_env("HOME", user_dir);
 	if (!(didvar & DID_SHELL))
-	    *nep++ = format_env("SHELL", user_shell);
+	    *nep++ = format_env("SHELL", sudo_user.pw->pw_shell);
 	if (!(didvar & DID_LOGNAME))
 	    *nep++ = format_env("LOGNAME", user_name);
 	if (!(didvar & DID_USER))
diff --git a/getspwuid.c b/getspwuid.c
index b67027baa..f6d137017 100644
--- a/getspwuid.c
+++ b/getspwuid.c
@@ -98,30 +98,9 @@ int crypt_type = INT_MAX;
 /*
  * Local functions not visible outside getspwuid.c
  */
-static char *sudo_getshell		__P((struct passwd *));
 static struct passwd *sudo_pwdup	__P((struct passwd *));
 
 
-/*
- * Return the user's shell based on either the SHELL environment variable
- * (already assigned to user_shell) or, failing that, the passwd(5) entry.
- */
-static char *
-sudo_getshell(pw)
-    struct passwd *pw;
-{
-    char *pw_shell;
-
-    if ((pw_shell = user_shell) == NULL)
-	pw_shell = pw->pw_shell;
-
-    /* empty string "" means bourne shell */
-    if (*pw_shell == '\0')
-	pw_shell = _PATH_BSHELL;
-
-    return(pw_shell);
-}
-
 /*
  * Return a copy of the encrypted password for the user described by pw.
  * If shadow passwords are in use, look in the shadow file.
@@ -236,8 +215,11 @@ sudo_pwdup(pw)
     local_pw->pw_class = estrdup(pw->pw_class);
 #endif
 
-    /* pw_shell is a special case since we overide with $SHELL */
-    local_pw->pw_shell = estrdup(sudo_getshell(pw));
+    /* If shell field is empty, expand to _PATH_BSHELL. */
+    if (local_pw->pw_shell[0] == '\0')
+	local_pw->pw_shell = _PATH_BSHELL;
+    else
+	local_pw->pw_shell = estrdup(pw->pw_shell);
 
     /* pw_passwd gets a shadow password if applicable */
     local_pw->pw_passwd = sudo_getepw(pw);
diff --git a/sudo.c b/sudo.c
index 87a76eb42..39ef205be 100644
--- a/sudo.c
+++ b/sudo.c
@@ -511,7 +511,8 @@ init_vars(sudo_mode)
 	log_error(0, "uid %ld does not exist in the passwd file!",
 	    (long) pw.pw_uid);
     }
-    user_shell = sudo_user.pw->pw_shell;
+    if (user_shell == NULL || *user_shell == '\0')
+	user_shell = sudo_user.pw->pw_shell;
 
     /* It is now safe to use log_error() and set_perms() */