X-Git-Url: https://git.armaanb.net/?p=opendoas.git;a=blobdiff_plain;f=env.c;h=c0f38378e7947c90e77e23396921179be4d6d602;hp=3e8b95d44c7c5c67096f3438278fc0fa4f26982c;hb=01c658f8c45cb92a343be5f32aa6da70b2032168;hpb=dbc7d06b5bbf01652744423bd8825ea7b5e92f73

diff --git a/env.c b/env.c
index 3e8b95d..c0f3837 100644
--- a/env.c
+++ b/env.c
@@ -24,6 +24,7 @@
 #include <err.h>
 #include <unistd.h>
 #include <errno.h>
+#include <pwd.h>
 
 #include "doas.h"
 #include "includes.h"
@@ -39,6 +40,8 @@ struct env {
 	u_int count;
 };
 
+static void fillenv(struct env *env, const char **envlist);
+
 static int
 envcmp(struct envnode *a, struct envnode *b)
 {
@@ -69,8 +72,19 @@ freenode(struct envnode *node)
 	free(node);
 }
 
+static void
+addnode(struct env *env, const char *key, const char *value)
+{
+	struct envnode *node;
+
+	node = createnode(key, value);
+	RB_INSERT(envtree, &env->root, node);
+	env->count++;
+}
+
 static struct env *
-createenv(const struct rule *rule)
+createenv(const struct rule *rule, const struct passwd *mypw,
+    const struct passwd *targpw)
 {
 	struct env *env;
 	u_int i;
@@ -81,6 +95,8 @@ createenv(const struct rule *rule)
 	RB_INIT(&env->root);
 	env->count = 0;
 
+	addnode(env, "DOAS_USER", mypw->pw_name);
+
 	if (rule->options & KEEPENV) {
 		extern char **environ;
 
@@ -109,6 +125,19 @@ createenv(const struct rule *rule)
 				env->count++;
 			}
 		}
+	} else {
+		static const char *copyset[] = {
+			"DISPLAY", "TERM",
+			NULL
+		};
+
+		addnode(env, "HOME", targpw->pw_dir);
+		addnode(env, "LOGNAME", targpw->pw_name);
+		addnode(env, "PATH", getenv("PATH"));
+		addnode(env, "SHELL", targpw->pw_shell);
+		addnode(env, "USER", targpw->pw_name);
+
+		fillenv(env, copyset);
 	}
 
 	return env;
@@ -187,20 +216,12 @@ fillenv(struct env *env, const char **envlist)
 }
 
 char **
-prepenv(const struct rule *rule)
+prepenv(const struct rule *rule, const struct passwd *mypw,
+    const struct passwd *targpw)
 {
-	static const char *safeset[] = {
-		"DISPLAY", "HOME", "LOGNAME", "MAIL",
-		"PATH", "TERM", "USER", "USERNAME",
-		NULL
-	};
 	struct env *env;
 
-	env = createenv(rule);
-
-	/* if we started with blank, fill some defaults then apply rules */
-	if (!(rule->options & KEEPENV))
-		fillenv(env, safeset);
+	env = createenv(rule, mypw, targpw);
 	if (rule->envlist)
 		fillenv(env, rule->envlist);