[Pkg-shadow-commits] r3344 - in upstream/trunk: . src

Mon Jun 13 18:26:11 UTC 2011

Author: nekral-guest
Date: 2011-06-13 18:26:10 +0000 (Mon, 13 Jun 2011)
New Revision: 3344

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/src/su.c
Log:
	* src/su.c: Define shellstr before the environment so that
	restricted_shell is called only once. This will allow moving the
	environment definition after the switch to the new user.

Modified: upstream/trunk/ChangeLog
===================================================================

--- upstream/trunk/ChangeLog	2011-06-13 18:25:57 UTC (rev 3343)
+++ upstream/trunk/ChangeLog	2011-06-13 18:26:10 UTC (rev 3344)
@@ -13,6 +13,9 @@
 	reset to false).
 	* src/su.c: No need to change the user's shell in case of
 	subsystem root. Update the comments.
+	* src/su.c: Define shellstr before the environment so that
+	restricted_shell is called only once. This will allow moving the
+	environment definition after the switch to the new user.
 
 2011-06-10  Nicolas François  <nicolas.francois at centraliens.net>
 

Modified: upstream/trunk/src/su.c
===================================================================
--- upstream/trunk/src/su.c	2011-06-13 18:25:57 UTC (rev 3343)
+++ upstream/trunk/src/su.c	2011-06-13 18:26:10 UTC (rev 3344)
@@ -804,12 +804,39 @@
 		goto top;		/* authenticate in the subsystem */
 	}
 
-	/* If su is not called by root, and the target user has a restricted
-	 * shell, the environment must be changed.
+	/* If the user do not want to change the environment,
+	 * use the current SHELL.
+	 * (unless another shell is required by the command line)
 	 */
-	change_environment |= (restricted_shell (pwent.pw_shell) && !amroot);
+	if ((NULL == shellstr) && !change_environment) {
+		shellstr = getenv ("SHELL");
+	}
 
+	/* If su is not called by root, and the target user has a
+	 * restricted shell, the environment must be changed and the shell
+	 * must be the one specified in /etc/passwd.
+	 */
+	if (   !amroot
+	    && restricted_shell (pwent.pw_shell)) {
+		shellstr = NULL;
+		change_environment = true;
+	}
+
+	/* If the shell is not set at this time, use the shell specified
+	 * in /etc/passwd.
+	 */
+	if (NULL == shellstr) {
+		shellstr = (char *) strdup (pwent.pw_shell);
+	}
+
 	/*
+	 * Set the default shell.
+	 */
+	if ((NULL == shellstr) || ('\0' == shellstr[0])) {
+		shellstr = SHELL;
+	}
+
+	/*
 	 * If a new login is being set up, the old environment will be
 	 * ignored and a new one created later on.
 	 */
@@ -870,35 +897,6 @@
 		}
 	}
 
-	/* If the user do not want to change the environment,
-	 * use the current SHELL.
-	 * (unless another shell is required by the command line)
-	 */
-	if ((NULL == shellstr) && !change_environment) {
-		shellstr = getenv ("SHELL");
-	}
-	/* For users with non null UID, if this user has a restricted
-	 * shell, the shell must be the one specified in /etc/passwd
-	 */
-	if (   (NULL != shellstr)
-	    && !amroot
-	    && restricted_shell (pwent.pw_shell)) {
-		shellstr = NULL;
-	}
-	/* If the shell is not set at this time, use the shell specified
-	 * in /etc/passwd.
-	 */
-	if (NULL == shellstr) {
-		shellstr = (char *) strdup (pwent.pw_shell);
-	}
-
-	/*
-	 * Set the default shell.
-	 */
-	if ((NULL == shellstr) || ('\0' == shellstr[0])) {
-		shellstr = SHELL;
-	}
-
 	cp = getdef_str ((pwent.pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
 	if (NULL == cp) {
 		addenv ((pwent.pw_uid == 0) ? "PATH=/sbin:/bin:/usr/sbin:/usr/bin" : "PATH=/bin:/usr/bin", NULL);


