Bug 3619
| Summary: | xdm doesn't copy environment variables from PAM to user session | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Nalin Dahyabhai <nalin.dahyabhai> |
| Component: | XFree86 | Assignee: | Preston Brown <pbrown> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 6.0 | CC: | mkp |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 1999-08-31 18:48:13 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This code looks right at first glance. It should be placed directly after the section that calls pam_open_session(). We would also have to make sure that each of these components links against -lpam_misc as well as -lpam, as well as define HAVE_PAM_MISC. Actually, the code should just call pam_getenvlist() from libpam instead of pam_misc_copy_env(), which is deprecated. I missed it because this is only documented in the pam_misc header file. Mark has already fixed it in gdm2 in CVS. fixed in our forthcoming XFree86 3.3.5 errata release. |
If a module for PAM sets an environment variable (example: a Kerberos module that needs to set the KRB5CCNAME or KRBTKFILE variables to the names of ticket files for the user), it doesn't get passed on to the user session that gets started. The fix (to session.c) might look something like this: #ifdef HAVE_PAM_MISC /* if we have a pam_misc library on this system, pass in environment variables set by libpam and modules it called */ if(pamh != NULL) { long i; char **pam_env = pam_misc_copy_env(pamh); for(i = 0; pam_env && pam_env[i]; i++) { verify->userEnviron = putEnv(pam_env[i], verify->userEnviron); } } #endif /* HAVE_PAM_MISC */ * kdm and gdm also have this problem.