Bug#330803: [OBORONA-SPAM] [Pkg-shadow-devel] Bug#330803: ENV_PATH
and ENV_SUPATH in /etc/login.defs are ignored
Alexander Gattin
xrgtn at yandex.ru
Thu Sep 29 22:08:13 UTC 2005
Hi!
On Thu, Sep 29, 2005 at 09:53:01PM +0200, Jakub Turski wrote:
> I did a quick overview, purged PATH setting from any /etc/* file
> (including /etc/security/pam_env.conf, /etc/profile, /etc/zsh/*), put
> bogus ENV_PATH in /etc/login.defs, and created a new user, without any
> dotfiles - with 4.0.12-5 I've been receiving empty PATH variable from
> login, which was substitued later on by some shell defaults. With
> 4.0.3-35, it works fine.
> ...
> I do believe, this is a bug.
The reason is that /etc/login.defs:*PATH is considered
obsoleted and ignored by new login package -- PAM
methods for setting this should be used instead. This
is a direction taken by upstream and Debian in general.
But:
1. there's a little bug in PAM, that makes pam_env.so
to not source pam_env.conf by default, and you
should use 'readenv=1' parameter
2. pam_env.so has a small deficiency that prevents it
from setting variables differently for root and
ordinary users (there's no conditional operators in
pam_env.conf syntax).
With /etc/login.defs, there were _separate_ PATH
settings for root and ordinary users -- ENV_SUPATH
and ENV_PATH correspondingly.
Probably, for the short term we will just restore
support for ENV_SUPATH and ENV_PATH...
--
WBR,
xrgtn
More information about the Pkg-shadow-devel
mailing list