sudo passes SHELL environment variable twice
Resolves: RHEL-127359 - sudo passes SHELL environment variable twice to the shell being executed [rhel-9]
This commit is contained in:
Alejandro López
parent
89295ead98
commit
aba6a0453e
32
0003-rebuild_env-Avoid-setting-SHELL-twice-for-sudo-i.patch
Normal file
32
0003-rebuild_env-Avoid-setting-SHELL-twice-for-sudo-i.patch
Normal file
@ -0,0 +1,32 @@
|
||||
From 3d467a705ea6ee53081cb11cc21ecf08eb47700d Mon Sep 17 00:00:00 2001
|
||||
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
|
||||
Date: Thu, 6 Nov 2025 12:05:24 -0700
|
||||
Subject: [PATCH] rebuild_env: Avoid setting SHELL twice for "sudo -i"
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Make sure DID_SHELL is set when we set SHELL in the "sudo -i" case.
|
||||
Otherwise, it will be set again when setting fallback values.
|
||||
Reported by Alejandro López at Red Hat.
|
||||
|
||||
The code to make sure that SHELL is setu
|
||||
---
|
||||
plugins/sudoers/env.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/plugins/sudoers/env.c b/plugins/sudoers/env.c
|
||||
index 866ef3991..61b615513 100644
|
||||
--- a/plugins/sudoers/env.c
|
||||
+++ b/plugins/sudoers/env.c
|
||||
@@ -966,6 +966,7 @@ rebuild_env(const struct sudoers_context *ctx)
|
||||
if (ISSET(ctx->mode, MODE_LOGIN_SHELL)) {
|
||||
CHECK_SETENV2("SHELL", ctx->runas.pw->pw_shell,
|
||||
ISSET(didvar, DID_SHELL), true);
|
||||
+ SET(didvar, DID_SHELL);
|
||||
#ifdef _AIX
|
||||
CHECK_SETENV2("LOGIN", ctx->runas.pw->pw_name,
|
||||
ISSET(didvar, DID_LOGIN), true);
|
||||
--
|
||||
2.51.1
|
||||
|
||||
10
sudo.spec
10
sudo.spec
@ -27,6 +27,7 @@ BuildRequires: zlib-devel
|
||||
|
||||
Patch1: 0001-covscan.patch
|
||||
Patch2: 0002-sudo-conf.patch
|
||||
Patch3: 0003-rebuild_env-Avoid-setting-SHELL-twice-for-sudo-i.patch
|
||||
|
||||
%description
|
||||
Sudo (superuser do) allows a system administrator to give certain
|
||||
@ -61,6 +62,7 @@ BuildRequires: python3-devel
|
||||
|
||||
%patch -P 1 -p1 -b .covscan
|
||||
%patch -P 2 -p1 -b .sudo-conf
|
||||
%patch -P 3 -p1 -b .double-shell
|
||||
|
||||
|
||||
%build
|
||||
@ -237,15 +239,13 @@ EOF
|
||||
%attr(0644,root,root) %{_libexecdir}/sudo/python_plugin.so
|
||||
|
||||
%changelog
|
||||
* Thu Nov 13 2025 Alejandro López <allopez@redhat.com> - 1.9.17p2-2
|
||||
* Mon Nov 17 2025 Alejandro López <allopez@redhat.com> - 1.9.17p2-2
|
||||
- Request to backport support for regex in sudo [rhel-9]
|
||||
Resolves: RHEL-1376
|
||||
- Rebase of sudo to 1.9.17p2 [rhel-9]
|
||||
Resolves: RHEL-128623
|
||||
|
||||
* Tue Nov 04 2025 Alejandro López <allopez@redhat.com> - 1.9.17p2-1
|
||||
Resolves: RHEL-122298
|
||||
- Rebase sudo to 1.9.17p2 [rhel-9.7.z]
|
||||
- sudo passes SHELL environment variable twice to the shell being executed [rhel-9]
|
||||
Resolves: RHEL-127359
|
||||
|
||||
* Fri Apr 25 2025 Radovan Sroka <rsroka@redhat.com> - 1.9.5p2-13
|
||||
RHEL: 9.7.0 ERRATUM
|
||||
|
||||
Loading…
Reference in New Issue
Block a user