Made a small change to the way setusercontext is handled. Environment

variables (like LANG) are set from the target user when logins are simulated with the -S flag. However, login.conf environment variables of the target user are not set when -S is not specified so we keep the calling user's language/environment for most things.
2024-10-04 15:10:15 +00:00 · 2021-06-01 22:54:57 -03:00 · 2021-06-01 22:54:57 -03:00 · 3f2e8fc591
parent c70338eefd
commit 3f2e8fc591
1 changed files with 18 additions and 5 deletions
--- a/doas.c
+++ b/doas.c
@ -520,11 +520,24 @@ main(int argc, char **argv)

        
 #if defined(HAVE_LOGIN_CAP_H)
-	if (setusercontext(NULL, target_pw, target, LOGIN_SETENV | 
-            LOGIN_SETGROUP | LOGIN_SETLOGINCLASS |
-	    LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |
-	    LOGIN_SETUSER) != 0)
-		errx(1, "failed to set user context for target");
+        /* When simulating full login we want the target environment */
+        if (Sflag)
+        {
+	    if (setusercontext(NULL, target_pw, target, LOGIN_SETENV | 
+                LOGIN_SETGROUP | LOGIN_SETLOGINCLASS |
+                LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |
+	        LOGIN_SETUSER) != 0)
+		     errx(1, "failed to set user context for target");
+        }
+        /* No imulated login, skip setting target environment */
+        else
+        {
+           if (setusercontext(NULL, target_pw, target, 
+                LOGIN_SETGROUP | LOGIN_SETLOGINCLASS |
+                LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |
+                LOGIN_SETUSER) != 0)
+                     errx(1, "failed to set user context for target");
+        }
 #else
 	#if defined(__linux__) || defined(__FreeBSD__)
 	if (setresgid(target_pw->pw_gid, target_pw->pw_gid, target_pw->pw_gid) == -1)