
void auth::setupenv (  )  [inherited]

Import the user environment into PAM. If no environment was specified with set_environment, a minimal environment will be created containing HOME, LOGNAME, PATH, TERM and USER.

An error will be thrown on failure.

Definition at line 484 of file sbuild-auth.cc.

References sbuild::environment::add(), sbuild::auth::home, sbuild::auth::pam, sbuild::environment::remove(), sbuild::auth::shell, sbuild::auth::uid, sbuild::auth::user, and sbuild::auth::user_environment.

Referenced by sbuild::auth::run().

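{
  // Build the environment for the session and copy it, entry by entry,
  // into the PAM handle with pam_putenv().  Throws error if PAM rejects
  // an entry.

  // NOTE(review): assert() is compiled out when NDEBUG is defined, in
  // which case a null handle would reach pam_putenv() below -- confirm
  // that release builds keep this check, or add a runtime test.
  assert(this->pam != 0); // PAM must be initialised

  // A non-empty user_environment means the caller's environment is
  // being preserved; otherwise a minimal one is synthesised below.
  const bool preserving = !this->user_environment.empty();

  environment env;
  if (preserving)
    env = this->user_environment;

  // For security, PATH is always set to a sane state for root, but
  // only set in other cases if not preserving the environment.  A
  // non-root user who preserves the environment therefore keeps the
  // PATH they supplied.
  // NOTE(review): this relies on add() replacing an existing PATH
  // entry rather than keeping the old one -- confirm in environment.
  if (this->uid == 0)
    env.add(std::make_pair("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11"));
  else if (!preserving)
    env.add(std::make_pair("PATH", "/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games"));

  if (!preserving)
    {
      // HOME falls back to "/" when no home directory is known.
      if (!this->home.empty())
        env.add(std::make_pair("HOME", this->home));
      else
        env.add(std::make_pair("HOME", "/"));

      if (!this->user.empty())
        {
          env.add(std::make_pair("LOGNAME", this->user));
          env.add(std::make_pair("USER", this->user));
        }

      // TERM is the only value taken from the process environment here.
      if (const char *term = getenv("TERM"))
        env.add(std::make_pair("TERM", term));

      if (!this->shell.empty())
        env.add(std::make_pair("SHELL", this->shell));
    }

  // Sanitise environment.  This is a deny-list: any variable that is
  // not named here and does not start with LD_ is passed through
  // unchanged when a user environment is being preserved.
  // NOTE(review): an allow-list would fail closed for variables this
  // list does not anticipate -- worth weighing against what callers
  // need preserved.
  env.remove("BASH_ENV");
  env.remove("CDPATH");
  env.remove("ENV");
  env.remove("HOSTALIASES");
  env.remove("IFS");
  env.remove("KRB5_CONFIG");
  env.remove("KRBCONFDIR");
  env.remove("KRBTKFILE");
  env.remove("KRB_CONF");
  env.remove("LOCALDOMAIN");
  env.remove("NLSPATH");
  env.remove("PATH_LOCALE");
  env.remove("RES_OPTIONS");
  env.remove("TERMINFO");
  env.remove("TERMINFO_DIRS");
  env.remove("TERMPATH");

  // Find and remove every variable whose name starts with LD_.
  // Like the loop it replaces, this assumes that removing one entry
  // leaves iterators to the other entries valid.
  for (environment::const_iterator cur = env.begin();
       cur != env.end();)
    {
      // Step past the entry before it can be erased.
      environment::const_iterator candidate = cur;
      ++cur;

      if (candidate->first.compare(0, 3, "LD_") == 0)
        {
          // Hand remove() a copy of the name, so it never holds a
          // reference into the entry it is erasing.
          const std::string name(candidate->first);
          env.remove(name);
        }
    }

  // Move into PAM environment.
  for (environment::const_iterator cur = env.begin();
       cur != env.end();
       ++cur)
    {
      const std::string env_string = cur->first + "=" + cur->second;
      const int pam_status = pam_putenv(this->pam, env_string.c_str());
      if (pam_status != PAM_SUCCESS)
        {
          log_debug(DEBUG_WARNING) << "pam_putenv FAIL" << endl;
          format fmt(_("PAM error: %1%"));
          fmt % pam_strerror(this->pam, pam_status);
          throw error(fmt);
        }
      // NOTE(review): the value is logged along with the name; confirm
      // the DEBUG_INFO destination is acceptable for any credentials
      // carried in a preserved environment.
      log_debug(DEBUG_INFO)
        << format("pam_putenv: set %1%=%2%") % cur->first % cur->second
        << endl;
    }

  log_debug(DEBUG_NOTICE) << "pam_putenv OK" << endl;
}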

