2010-11-16 14:35:27 +01:00
|
|
|
From b43728c1f0c7abe90e73369542564d3ad4704963 Mon Sep 17 00:00:00 2001
|
|
|
|
From: Werner Fink <werner@suse.de>
|
|
|
|
Date: Tue, 17 Aug 2010 09:09:55 +0200
|
|
|
|
Subject: [PATCH 6/7] make sure /sbin resp /usr/sbin are in PATH
|
|
|
|
|
|
|
|
---
|
|
|
|
src/su.c | 127 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
1 files changed, 127 insertions(+), 0 deletions(-)
|
|
|
|
|
- Update to 8.16:
- Improvements:
* As a GNU extension, 'chmod', 'mkdir', and 'install' now accept
operators '-', '+', '=' followed by octal modes;
* Also, ordinary numeric modes with five or more digits no longer
preserve setuid and setgid bits, so that 'chmod 00755 FOO' now
clears FOO's setuid and setgid bits.
* dd now accepts the count_bytes, skip_bytes iflags and the
seek_bytes oflag, to more easily allow processing portions of a
file.
* dd now accepts the conv=sparse flag to attempt to create sparse
output, by seeking rather than writing to the output file.
* ln now accepts the --relative option, to generate a relative
symbolic link to a target, irrespective of how the target is
specified.
* split now accepts an optional "from" argument to
--numeric-suffixes, which changes the start number from the
default of 0.
* split now accepts the --additional-suffix option, to append an
additional static suffix to output file names.
* basename now supports the -a and -s options, which allow
processing of more than one argument at a time. Also the
complementary -z option was added to delimit output items with
the NUL character.
* dirname now supports more than one argument. Also the complementary
z option was added to delimit output items with the NUL character.
- Bug fixes
* du --one-file-system (-x) would ignore any non-directory
specified on the command line. For example, "touch f; du -x f"
would print nothing. [bug introduced in coreutils-8.15]
* mv now lets you move a symlink onto a same-inode destination
file that has two or more hard links.
* "mv A B" could succeed, yet A would remain.
* realpath no longer mishandles a root directory.
- Improvements
* ls can be much more efficient, especially with large directories
on file systems for which getfilecon-, ACL-check- and XATTR-
check-induced syscalls fail with ENOTSUP or similar.
* 'realpath --relative-base=dir' in isolation now implies
'--relative-to=dir' instead of causing a usage failure.
* split now supports an unlimited number of split files as default
behavior.
For a detaild list se NEWS in the documentation.
- Add up-to-date german translation.
- Add two upstream patches that speed up ls (bnc#752943):
* Cache (l)getfilecon calls to avoid the vast majority of the failing
underlying getxattr syscalls.
* Avoids always-failing queries for whether a file has a nontrivial
ACL and for whether a file has certain "capabilities".
OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=147
2012-04-16 17:12:46 +02:00
|
|
|
Index: src/su.c
|
|
|
|
===================================================================
|
2013-01-16 20:09:57 +01:00
|
|
|
--- src/su.c.orig
|
|
|
|
+++ src/su.c
|
- Update to 8.16:
- Improvements:
* As a GNU extension, 'chmod', 'mkdir', and 'install' now accept
operators '-', '+', '=' followed by octal modes;
* Also, ordinary numeric modes with five or more digits no longer
preserve setuid and setgid bits, so that 'chmod 00755 FOO' now
clears FOO's setuid and setgid bits.
* dd now accepts the count_bytes, skip_bytes iflags and the
seek_bytes oflag, to more easily allow processing portions of a
file.
* dd now accepts the conv=sparse flag to attempt to create sparse
output, by seeking rather than writing to the output file.
* ln now accepts the --relative option, to generate a relative
symbolic link to a target, irrespective of how the target is
specified.
* split now accepts an optional "from" argument to
--numeric-suffixes, which changes the start number from the
default of 0.
* split now accepts the --additional-suffix option, to append an
additional static suffix to output file names.
* basename now supports the -a and -s options, which allow
processing of more than one argument at a time. Also the
complementary -z option was added to delimit output items with
the NUL character.
* dirname now supports more than one argument. Also the complementary
z option was added to delimit output items with the NUL character.
- Bug fixes
* du --one-file-system (-x) would ignore any non-directory
specified on the command line. For example, "touch f; du -x f"
would print nothing. [bug introduced in coreutils-8.15]
* mv now lets you move a symlink onto a same-inode destination
file that has two or more hard links.
* "mv A B" could succeed, yet A would remain.
* realpath no longer mishandles a root directory.
- Improvements
* ls can be much more efficient, especially with large directories
on file systems for which getfilecon-, ACL-check- and XATTR-
check-induced syscalls fail with ENOTSUP or similar.
* 'realpath --relative-base=dir' in isolation now implies
'--relative-to=dir' instead of causing a usage failure.
* split now supports an unlimited number of split files as default
behavior.
For a detaild list se NEWS in the documentation.
- Add up-to-date german translation.
- Add two upstream patches that speed up ls (bnc#752943):
* Cache (l)getfilecon calls to avoid the vast majority of the failing
underlying getxattr syscalls.
* Avoids always-failing queries for whether a file has a nontrivial
ACL and for whether a file has certain "capabilities".
OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=147
2012-04-16 17:12:46 +02:00
|
|
|
@@ -458,6 +458,117 @@ correct_password (const struct passwd *p
|
2006-12-19 00:15:28 +01:00
|
|
|
#endif /* !USE_PAM */
|
|
|
|
}
|
|
|
|
|
|
|
|
+/* Add or clear /sbin and /usr/sbin for the su command
|
|
|
|
+ used without `-'. */
|
|
|
|
+
|
|
|
|
+/* Set if /sbin is found in path. */
|
|
|
|
+#define SBIN_MASK 0x01
|
|
|
|
+/* Set if /usr/sbin is found in path. */
|
|
|
|
+#define USBIN_MASK 0x02
|
|
|
|
+
|
|
|
|
+static char *
|
|
|
|
+addsbin (const char *const path)
|
|
|
|
+{
|
|
|
|
+ unsigned char smask = 0;
|
|
|
|
+ char *ptr, *tmp, *cur, *ret = NULL;
|
|
|
|
+ size_t len;
|
|
|
|
+
|
|
|
|
+ if (!path || *path == 0)
|
|
|
|
+ return NULL;
|
|
|
|
+
|
|
|
|
+ tmp = xstrdup (path);
|
|
|
|
+ cur = tmp;
|
|
|
|
+ for (ptr = strsep (&cur, ":"); ptr != NULL; ptr = strsep (&cur, ":"))
|
|
|
|
+ {
|
|
|
|
+ if (!strcmp (ptr, "/sbin"))
|
|
|
|
+ smask |= SBIN_MASK;
|
|
|
|
+ if (!strcmp (ptr, "/usr/sbin"))
|
|
|
|
+ smask |= USBIN_MASK;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if ((smask & (USBIN_MASK|SBIN_MASK)) == (USBIN_MASK|SBIN_MASK))
|
|
|
|
+ {
|
|
|
|
+ free (tmp);
|
|
|
|
+ return NULL;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ len = strlen (path);
|
|
|
|
+ if (!(smask & USBIN_MASK))
|
|
|
|
+ len += strlen ("/usr/sbin:");
|
|
|
|
+
|
|
|
|
+ if (!(smask & SBIN_MASK))
|
|
|
|
+ len += strlen (":/sbin");
|
|
|
|
+
|
|
|
|
+ ret = xmalloc (len + 1);
|
|
|
|
+ strcpy (tmp, path);
|
|
|
|
+
|
|
|
|
+ *ret = 0;
|
|
|
|
+ cur = tmp;
|
|
|
|
+ for (ptr = strsep (&cur, ":"); ptr; ptr = strsep (&cur, ":"))
|
|
|
|
+ {
|
|
|
|
+ if (!strcmp (ptr, "."))
|
|
|
|
+ continue;
|
|
|
|
+ if (*ret)
|
|
|
|
+ strcat (ret, ":");
|
|
|
|
+ if (!(smask & USBIN_MASK) && !strcmp (ptr, "/bin"))
|
|
|
|
+ {
|
|
|
|
+ strcat (ret, "/usr/sbin:");
|
|
|
|
+ strcat (ret, ptr);
|
|
|
|
+ smask |= USBIN_MASK;
|
|
|
|
+ continue;
|
|
|
|
+ }
|
|
|
|
+ if (!(smask & SBIN_MASK) && !strcmp (ptr, "/usr/bin"))
|
|
|
|
+ {
|
|
|
|
+ strcat (ret, ptr);
|
|
|
|
+ strcat (ret, ":/sbin");
|
|
|
|
+ smask |= SBIN_MASK;
|
|
|
|
+ continue;
|
|
|
|
+ }
|
|
|
|
+ strcat (ret, ptr);
|
|
|
|
+ }
|
|
|
|
+ free (tmp);
|
|
|
|
+
|
|
|
|
+ if (!(smask & USBIN_MASK))
|
|
|
|
+ strcat (ret, ":/usr/sbin");
|
|
|
|
+
|
|
|
|
+ if (!(smask & SBIN_MASK))
|
|
|
|
+ strcat (ret, ":/sbin");
|
|
|
|
+
|
|
|
|
+ return ret;
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+static char *
|
|
|
|
+clearsbin (const char *const path)
|
|
|
|
+{
|
|
|
|
+ char *ptr, *tmp, *cur, *ret = NULL;
|
|
|
|
+
|
|
|
|
+ if (!path || *path == 0)
|
|
|
|
+ return NULL;
|
|
|
|
+
|
|
|
|
+ tmp = strdup (path);
|
|
|
|
+ if (!tmp)
|
|
|
|
+ return NULL;
|
|
|
|
+
|
|
|
|
+ ret = xmalloc (strlen (path) + 1);
|
|
|
|
+ *ret = 0;
|
|
|
|
+ cur = tmp;
|
|
|
|
+ for (ptr = strsep (&cur, ":"); ptr; ptr = strsep (&cur, ":"))
|
|
|
|
+ {
|
|
|
|
+ if (!strcmp (ptr, "/sbin"))
|
|
|
|
+ continue;
|
|
|
|
+ if (!strcmp (ptr, "/usr/sbin"))
|
|
|
|
+ continue;
|
|
|
|
+ if (!strcmp (ptr, "/usr/local/sbin"))
|
|
|
|
+ continue;
|
|
|
|
+ if (*ret)
|
|
|
|
+ strcat (ret, ":");
|
|
|
|
+ strcat (ret, ptr);
|
|
|
|
+ }
|
|
|
|
+ free (tmp);
|
|
|
|
+
|
|
|
|
+ return ret;
|
|
|
|
+}
|
|
|
|
+
|
- Update to 8.16:
- Improvements:
* As a GNU extension, 'chmod', 'mkdir', and 'install' now accept
operators '-', '+', '=' followed by octal modes;
* Also, ordinary numeric modes with five or more digits no longer
preserve setuid and setgid bits, so that 'chmod 00755 FOO' now
clears FOO's setuid and setgid bits.
* dd now accepts the count_bytes, skip_bytes iflags and the
seek_bytes oflag, to more easily allow processing portions of a
file.
* dd now accepts the conv=sparse flag to attempt to create sparse
output, by seeking rather than writing to the output file.
* ln now accepts the --relative option, to generate a relative
symbolic link to a target, irrespective of how the target is
specified.
* split now accepts an optional "from" argument to
--numeric-suffixes, which changes the start number from the
default of 0.
* split now accepts the --additional-suffix option, to append an
additional static suffix to output file names.
* basename now supports the -a and -s options, which allow
processing of more than one argument at a time. Also the
complementary -z option was added to delimit output items with
the NUL character.
* dirname now supports more than one argument. Also the complementary
z option was added to delimit output items with the NUL character.
- Bug fixes
* du --one-file-system (-x) would ignore any non-directory
specified on the command line. For example, "touch f; du -x f"
would print nothing. [bug introduced in coreutils-8.15]
* mv now lets you move a symlink onto a same-inode destination
file that has two or more hard links.
* "mv A B" could succeed, yet A would remain.
* realpath no longer mishandles a root directory.
- Improvements
* ls can be much more efficient, especially with large directories
on file systems for which getfilecon-, ACL-check- and XATTR-
check-induced syscalls fail with ENOTSUP or similar.
* 'realpath --relative-base=dir' in isolation now implies
'--relative-to=dir' instead of causing a usage failure.
* split now supports an unlimited number of split files as default
behavior.
For a detaild list se NEWS in the documentation.
- Add up-to-date german translation.
- Add two upstream patches that speed up ls (bnc#752943):
* Cache (l)getfilecon calls to avoid the vast majority of the failing
underlying getxattr syscalls.
* Avoids always-failing queries for whether a file has a nontrivial
ACL and for whether a file has certain "capabilities".
OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=147
2012-04-16 17:12:46 +02:00
|
|
|
/* Update 'environ' for the new shell based on PW, with SHELL being
|
2006-12-19 00:15:28 +01:00
|
|
|
the value for the SHELL environment variable. */
|
|
|
|
|
- Update to 8.16:
- Improvements:
* As a GNU extension, 'chmod', 'mkdir', and 'install' now accept
operators '-', '+', '=' followed by octal modes;
* Also, ordinary numeric modes with five or more digits no longer
preserve setuid and setgid bits, so that 'chmod 00755 FOO' now
clears FOO's setuid and setgid bits.
* dd now accepts the count_bytes, skip_bytes iflags and the
seek_bytes oflag, to more easily allow processing portions of a
file.
* dd now accepts the conv=sparse flag to attempt to create sparse
output, by seeking rather than writing to the output file.
* ln now accepts the --relative option, to generate a relative
symbolic link to a target, irrespective of how the target is
specified.
* split now accepts an optional "from" argument to
--numeric-suffixes, which changes the start number from the
default of 0.
* split now accepts the --additional-suffix option, to append an
additional static suffix to output file names.
* basename now supports the -a and -s options, which allow
processing of more than one argument at a time. Also the
complementary -z option was added to delimit output items with
the NUL character.
* dirname now supports more than one argument. Also the complementary
z option was added to delimit output items with the NUL character.
- Bug fixes
* du --one-file-system (-x) would ignore any non-directory
specified on the command line. For example, "touch f; du -x f"
would print nothing. [bug introduced in coreutils-8.15]
* mv now lets you move a symlink onto a same-inode destination
file that has two or more hard links.
* "mv A B" could succeed, yet A would remain.
* realpath no longer mishandles a root directory.
- Improvements
* ls can be much more efficient, especially with large directories
on file systems for which getfilecon-, ACL-check- and XATTR-
check-induced syscalls fail with ENOTSUP or similar.
* 'realpath --relative-base=dir' in isolation now implies
'--relative-to=dir' instead of causing a usage failure.
* split now supports an unlimited number of split files as default
behavior.
For a detaild list se NEWS in the documentation.
- Add up-to-date german translation.
- Add two upstream patches that speed up ls (bnc#752943):
* Cache (l)getfilecon calls to avoid the vast majority of the failing
underlying getxattr syscalls.
* Avoids always-failing queries for whether a file has a nontrivial
ACL and for whether a file has certain "capabilities".
OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=147
2012-04-16 17:12:46 +02:00
|
|
|
@@ -497,6 +608,22 @@ modify_environment (const struct passwd
|
2006-12-19 00:15:28 +01:00
|
|
|
DEFAULT_LOGIN_PATH)
|
|
|
|
: getdef_str ("SUPATH",
|
|
|
|
DEFAULT_ROOT_LOGIN_PATH)));
|
|
|
|
+ else
|
|
|
|
+ {
|
|
|
|
+ char const *path = getenv ("PATH");
|
|
|
|
+ char *new = NULL;
|
|
|
|
+
|
|
|
|
+ if (pw->pw_uid)
|
|
|
|
+ new = clearsbin (path);
|
|
|
|
+ else
|
|
|
|
+ new = addsbin (path);
|
|
|
|
+
|
|
|
|
+ if (new)
|
|
|
|
+ {
|
|
|
|
+ xsetenv ("PATH", new);
|
|
|
|
+ free (new);
|
|
|
|
+ }
|
|
|
|
+ }
|
2010-07-19 14:13:47 +02:00
|
|
|
if (pw->pw_uid)
|
|
|
|
{
|
|
|
|
xsetenv ("USER", pw->pw_name);
|