[sudo-users] sudo -i does not run root's .profile when issued
Todd C. Miller
Todd.Miller at courtesan.com
Wed Nov 10 09:19:42 EST 2010
> Have you added HOME to the list of environment variables to preserve
> in the env_keep list? If so, that may be overriding the default
> behavior of "sudo -i". This is arguably a bug.
This will be fixed in sudo 1.7.5. Here's a diff against 1.7.4p4.
- todd
--- 1.7.4p4/env.c Wed Aug 18 15:27:03 2010
+++ 1.7.5/env.c Mon Sep 27 14:09:19 2010
@@ -608,10 +611,16 @@
#ifdef ENV_DEBUG
memset(env.envp, 0, env.env_size * sizeof(char *));
#endif
- if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
- /* Reset HOME based on target user unless keeping old value. */
- reset_home = TRUE;
+ /* Reset HOME based on target user if configured to. */
+ if (ISSET(sudo_mode, MODE_RUN)) {
+ if (def_always_set_home ||
+ ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) ||
+ (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
+ reset_home = TRUE;
+ }
+
+ if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
/* Pull in vars we want to keep from the old environment. */
for (ep = old_envp; *ep; ep++) {
int keepit;
@@ -696,6 +705,11 @@
if (!ISSET(didvar, DID_USERNAME))
sudo_setenv("USERNAME", user_name, FALSE);
}
+
+ /* If we didn't keep HOME, reset it based on target user. */
+ if (!ISSET(didvar, KEPT_HOME))
+ reset_home = TRUE;
+
/*
* Set MAIL to target user in -i mode or if MAIL is not preserved
* from user's environment.
@@ -709,13 +723,6 @@
sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
}
} else {
- /* Reset HOME based on target user if configured to. */
- if (ISSET(sudo_mode, MODE_RUN)) {
- if (def_always_set_home || ISSET(sudo_mode, MODE_RESET_HOME) ||
- (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
- reset_home = TRUE;
- }
-
/*
* Copy environ entries as long as they don't match env_delete or
* env_check.
@@ -765,7 +772,7 @@
}
/* Set $HOME to target user if not preserving user's value. */
- if (reset_home && !ISSET(didvar, KEPT_HOME))
+ if (reset_home)
sudo_setenv("HOME", runas_pw->pw_dir, TRUE);
/* Provide default values for $TERM and $PATH if they are not set. */
More information about the sudo-users
mailing list