Fix the environment handling:

However, there's still a bug in login.c
because you copy the environment *before* the call to pam_open_session,
which won't set the necessary variables set by /usr/ports/security/pam_ssh.

Submitted by:	Volker Stolz <stolz@hyperion.informatik.rwth-aachen.de>
This commit is contained in:
Mark Murray 2001-07-28 19:53:10 +00:00
parent 00efe71bc7
commit 9567ba9dda

View File

@ -575,18 +575,6 @@ main(argc, argv)
if (!pflag)
environ = envinit;
#ifdef USE_PAM
/*
* Add any environmental variables that the
* PAM modules may have set.
*/
if (pamh) {
environ_pam = pam_getenvlist(pamh);
if (environ_pam)
export_pam_environment();
}
#endif /* USE_PAM */
/*
* PAM modules might add supplementary groups during pam_setcred().
*/
@ -606,6 +594,17 @@ main(argc, argv)
pam_strerror(pamh, e));
}
/*
* Add any environmental variables that the
* PAM modules may have set.
* Call *after* opening session!
*/
if (pamh) {
environ_pam = pam_getenvlist(pamh);
if (environ_pam)
export_pam_environment();
}
/*
* We must fork() before setuid() because we need to call
* pam_close_session() as root.