[sudo-users] sudo -i does not run root's .profile when issued

Todd C. Miller Todd.Miller at courtesan.com
Wed Nov 10 09:19:42 EST 2010


> Have you added HOME to the list of environment variables to preserve
> in the env_keep list?  If so, that may be overriding the default
> behavior of "sudo -i".  This is arguably a bug.

This will be fixed in sudo 1.7.5.  Here's a diff against 1.7.4p4.

 - todd

--- 1.7.4p4/env.c	Wed Aug 18 15:27:03 2010
+++ 1.7.5/env.c	Mon Sep 27 14:09:19 2010
@@ -608,10 +611,16 @@
 #ifdef ENV_DEBUG
     memset(env.envp, 0, env.env_size * sizeof(char *));
 #endif
-    if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
-	/* Reset HOME based on target user unless keeping old value. */
-	reset_home = TRUE;
 
+    /* Reset HOME based on target user if configured to. */
+    if (ISSET(sudo_mode, MODE_RUN)) {
+	if (def_always_set_home ||
+	    ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) || 
+	    (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
+	    reset_home = TRUE;
+    }
+
+    if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
 	/* Pull in vars we want to keep from the old environment. */
 	for (ep = old_envp; *ep; ep++) {
 	    int keepit;
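Review bot: The new comment `/* Reset HOME based on target user if configured to. */` does not say that a reset decided here now takes precedence over a HOME preserved through env_keep. That precedence is the security-relevant effect of the patch, because the final test in the last hunk becomes a bare `if (reset_home)`. I would spell it out, e.g. `/* Force HOME to the target user's for MODE_LOGIN_SHELL, MODE_RESET_HOME, always_set_home, or MODE_SHELL with set_home, even if HOME was kept from the caller's environment. */`. The combined test `ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL)` is only correct if ISSET means "any of these bits"; its definition is not visible here, so that is worth confirming. The enclosing function starts and ends outside this hunk.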
@@ -696,6 +705,11 @@
 	    if (!ISSET(didvar, DID_USERNAME))
 		sudo_setenv("USERNAME", user_name, FALSE);
 	}
+
+	/* If we didn't keep HOME, reset it based on target user. */
+	if (!ISSET(didvar, KEPT_HOME))
+	    reset_home = TRUE;
+
 	/*
 	 * Set MAIL to target user in -i mode or if MAIL is not preserved
 	 * from user's environment.
@@ -709,13 +723,6 @@
 	    sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
 	}
     } else {
-	/* Reset HOME based on target user if configured to. */
-	if (ISSET(sudo_mode, MODE_RUN)) {
-	    if (def_always_set_home || ISSET(sudo_mode, MODE_RESET_HOME) || 
-		(ISSET(sudo_mode, MODE_SHELL) && def_set_home))
-		reset_home = TRUE;
-	}
-
 	/*
 	 * Copy environ entries as long as they don't match env_delete or
 	 * env_check.
@@ -765,7 +772,7 @@
     }
 
     /* Set $HOME to target user if not preserving user's value. */
-    if (reset_home && !ISSET(didvar, KEPT_HOME))
+    if (reset_home)
 	sudo_setenv("HOME", runas_pw->pw_dir, TRUE);
 
     /* Provide default values for $TERM and $PATH if they are not set. */
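Review bot: The context comment `/* Set $HOME to target user if not preserving user's value. */` is stale now that the condition is `if (reset_home)` and no longer consults KEPT_HOME. As written it suggests a preserved HOME is still honoured at this point, which is the opposite of what the fix intends for login-shell mode. I would update it in the same change to something like `/* Set $HOME to target user; reset_home already accounts for a preserved HOME. */`.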


