[PATCH] Export PAM environment to shell
Denys Vlasenko
vda.linux at googlemail.com
Thu Mar 31 08:51:32 UTC 2011
On Thu, Mar 31, 2011 at 1:00 AM, Ryan Phillips <ryan at trolocsis.com> wrote:
> Denys Vlasenko <vda.linux at googlemail.com> said:
>> On Tuesday 15 March 2011 16:28, Ryan Phillips wrote:
>> > Hi!
>> >
>> > Here is a patch to export the PAM environment to the shell. This patch is needed
>> > for certain PAM modules that manipulate environment variables.
>>
>> Since you only need to do it in login, can you put necessary
>> code in login.c, instead of touching so many other files too?
>
> Denys,
>
> The function that is called is a shared API call to other applications. IIRC,
> the modified function does a clearenv() so I believe this modification will need
> an API change.
I don't understand your explanation.
You added the following to setup_environment():
-void FAST_FUNC setup_environment(const char *shell, int flags, const
struct passwd *pw)
+void FAST_FUNC setup_environment(const char *shell, int flags, const
struct passwd *pw, char **pam_envlist )
...
+ if (pam_envlist) {
+ int i;
+ for (i=0; pam_envlist[i] != NULL; i++) {
+ putenv(pam_envlist[i]);
+ }
+ }
}
In su and crontab, you pass pam_envlist = NULL. Which means
setup_environment() actions won't change for these applets.
Only in login you pass non-NULL:
+
+ /* Get PAM environment */
+ pam_envlist = pam_getenvlist(pamh);
+
...
setup_environment(pw->pw_shell,
(!(opt & LOGIN_OPT_p) * SETUP_ENV_CLEARENV) +
SETUP_ENV_CHANGEENV,
- pw);
+ pw,
+ pam_envlist);
Question:
Why don't you just add this code block directly in login.c?
What's the point adding it in setup_environment()?
--
vda
More information about the busybox
mailing list