redo the environment inheritance to not inherit. it was intended to make life easier...

diff --git a/doas.c b/doas.c
index 1fd0e9a9c455ab62e32b738019cc2f3fbb14a947..5396df0d4657a23be99b48f2e304a50e1ed02788 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -449,6 +449,7 @@ main(int argc, char **argv)
 
 #ifdef HAVE_SETUSERCONTEXT
        if (setusercontext(NULL, targpw, target, LOGIN_SETGROUP |
+           LOGIN_SETPATH |
            LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |
            LOGIN_SETUSER) != 0)
                errx(1, "failed to set user context for target");
@@ -479,9 +480,10 @@ main(int argc, char **argv)
        syslog(LOG_AUTHPRIV | LOG_INFO, "%s ran command %s as %s from %s",
            mypw->pw_name, cmdline, targpw->pw_name, cwd);
 
-       envp = prepenv(rule);
+       envp = prepenv(rule, mypw, targpw);
 
        if (rule->cmd) {
+               /* do this again after setusercontext reset it */
                if (setenv("PATH", safepath, 1) == -1)
                        err(1, "failed to set PATH '%s'", safepath);
        }

diff --git a/doas.conf.5 b/doas.conf.5
index 95daf4ccb745b03aff3435cdeb4724255a03c653..8fd700bd7f6f076c1727a405eb74a69d811df8d9 100644 (file)
--- a/doas.conf.5
+++ b/doas.conf.5
@@ -51,15 +51,9 @@ again for some time.
 .It Ic keepenv
 The user's environment is maintained.
 The default is to reset the environment, except for the variables
-.Ev DISPLAY ,
-.Ev HOME ,
-.Ev LOGNAME ,
-.Ev MAIL ,
-.Ev PATH ,
-.Ev TERM ,
-.Ev USER
+.Ev DISPLAY
 and
-.Ev USERNAME .
+.Ev TERM .
 .It Ic setenv { Oo Ar variable ... Oc Oo Ar variable=value ... Oc Ic }
 In addition to the variables mentioned above, keep the space-separated
 specified variables.

diff --git a/doas.h b/doas.h
index 48069dbbace38d37580d61f6257398c9253a449f..3831dc7425f2e4cda6e45ea96157ce47af6cc26b 100644 (file)
--- a/doas.h
+++ b/doas.h
@@ -29,7 +29,10 @@ extern struct rule **rules;
 extern int nrules;
 extern int parse_errors;
 
-char **prepenv(const struct rule *);
+struct passwd;
+
+char **prepenv(const struct rule *, const struct passwd *,
+    const struct passwd *);
 
 #define PERMIT 1
 #define DENY   2

diff --git a/env.c b/env.c
index 3e8b95d44c7c5c67096f3438278fc0fa4f26982c..c0f38378e7947c90e77e23396921179be4d6d602 100644 (file)
--- a/env.c
+++ b/env.c
@@ -24,6 +24,7 @@
 #include <err.h>
 #include <unistd.h>
 #include <errno.h>
+#include <pwd.h>
 
 #include "doas.h"
 #include "includes.h"
@@ -39,6 +40,8 @@ struct env {
        u_int count;
 };
 
+static void fillenv(struct env *env, const char **envlist);
+
 static int
 envcmp(struct envnode *a, struct envnode *b)
 {
@@ -69,8 +72,19 @@ freenode(struct envnode *node)
        free(node);
 }
 
+static void
+addnode(struct env *env, const char *key, const char *value)
+{
+       struct envnode *node;
+
+       node = createnode(key, value);
+       RB_INSERT(envtree, &env->root, node);
+       env->count++;
+}
+
 static struct env *
-createenv(const struct rule *rule)
+createenv(const struct rule *rule, const struct passwd *mypw,
+    const struct passwd *targpw)
 {
        struct env *env;
        u_int i;
@@ -81,6 +95,8 @@ createenv(const struct rule *rule)
        RB_INIT(&env->root);
        env->count = 0;
 
+       addnode(env, "DOAS_USER", mypw->pw_name);
+
        if (rule->options & KEEPENV) {
                extern char **environ;
 
@@ -109,6 +125,19 @@ createenv(const struct rule *rule)
                                env->count++;
                        }
                }
+       } else {
+               static const char *copyset[] = {
+                       "DISPLAY", "TERM",
+                       NULL
+               };
+
+               addnode(env, "HOME", targpw->pw_dir);
+               addnode(env, "LOGNAME", targpw->pw_name);
+               addnode(env, "PATH", getenv("PATH"));
+               addnode(env, "SHELL", targpw->pw_shell);
+               addnode(env, "USER", targpw->pw_name);
+
+               fillenv(env, copyset);
        }
 
        return env;
@@ -187,20 +216,12 @@ fillenv(struct env *env, const char **envlist)
 }
 
 char **
-prepenv(const struct rule *rule)
+prepenv(const struct rule *rule, const struct passwd *mypw,
+    const struct passwd *targpw)
 {
-       static const char *safeset[] = {
-               "DISPLAY", "HOME", "LOGNAME", "MAIL",
-               "PATH", "TERM", "USER", "USERNAME",
-               NULL
-       };
        struct env *env;
 
-       env = createenv(rule);
-
-       /* if we started with blank, fill some defaults then apply rules */
-       if (!(rule->options & KEEPENV))
-               fillenv(env, safeset);
+       env = createenv(rule, mypw, targpw);
        if (rule->envlist)
                fillenv(env, rule->envlist);