const char *confpath = NULL;
char *shargv[] = { NULL, NULL };
char *sh;
+ const char *p;
const char *cmd;
char cmdline[LINE_MAX];
#ifdef __OpenBSD__
# endif
}
+ if ((p = getenv("PATH")) != NULL)
+ formerpath = strdup(p);
+ if (formerpath == NULL)
+ formerpath = "";
+
+# ifdef __OpenBSD__
+ if (unveil(_PATH_LOGIN_CONF, "r") == -1 ||
+ unveil(_PATH_LOGIN_CONF ".db", "r") == -1)
+ err(1, "unveil");
+# endif
+ if (rule->cmd) {
+ if (setenv("PATH", safepath, 1) == -1)
+ err(1, "failed to set PATH '%s'", safepath);
+ }
# ifdef __OpenBSD__
+ if (unveilcommands(getenv("PATH"), cmd) == 0)
+ goto fail;
+
if (pledge("stdio rpath getpw exec id", NULL) == -1)
err(1, "pledge");
# endif
extern int nrules;
extern int parse_errors;
+extern const char *formerpath;
+
struct passwd;
char **prepenv(const struct rule *, const struct passwd *,
#include "doas.h"
#include "includes.h"
+const char *formerpath;
+
struct envnode {
RB_ENTRY(envnode) node;
const char *key;
/* assign value or inherit from environ */
if (eq) {
val = eq + 1;
- if (*val == '$')
- val = getenv(val + 1);
+ if (*val == '$') {
+ if (strcmp(val + 1, "PATH") == 0)
+ val = formerpath;
+ else
+ val = getenv(val + 1);
+ }
} else {
val = getenv(name);
}