vncsession: use /bin/sh if the user shell is not set
Resolves: RHEL-52827
This commit is contained in:
parent
2ae9746371
commit
81e5dc3954
29
tigervnc-vncsession-use-bin-sh-when-shell-not-set.patch
Normal file
29
tigervnc-vncsession-use-bin-sh-when-shell-not-set.patch
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
From 4db34f73d461b973867ddaf18bf690219229cd7a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Carlos Santos <casantos@redhat.com>
|
||||||
|
Date: Thu, 25 Jul 2024 18:39:59 -0300
|
||||||
|
Subject: [PATCH] vncsession: use /bin/sh if the user shell is not set
|
||||||
|
|
||||||
|
An empty shell field in the password file is valid, although not common.
|
||||||
|
Use /bin/sh in this case, as documented in the passwd(5) man page, since
|
||||||
|
the vncserver script requires a non-empty SHELL environment variable.
|
||||||
|
|
||||||
|
Fixes issue #1786.
|
||||||
|
|
||||||
|
Signed-off-by: Carlos Santos <casantos@redhat.com>
|
||||||
|
---
|
||||||
|
unix/vncserver/vncsession.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/unix/vncserver/vncsession.c b/unix/vncserver/vncsession.c
|
||||||
|
index 1ee096c7c..98a0432aa 100644
|
||||||
|
--- a/unix/vncserver/vncsession.c
|
||||||
|
+++ b/unix/vncserver/vncsession.c
|
||||||
|
@@ -545,7 +545,7 @@ run_script(const char *username, const char *display, char **envp)
|
||||||
|
|
||||||
|
// Set up some basic environment for the script
|
||||||
|
setenv("HOME", pwent->pw_dir, 1);
|
||||||
|
- setenv("SHELL", pwent->pw_shell, 1);
|
||||||
|
+ setenv("SHELL", *pwent->pw_shell != '\0' ? pwent->pw_shell : "/bin/sh", 1);
|
||||||
|
setenv("LOGNAME", pwent->pw_name, 1);
|
||||||
|
setenv("USER", pwent->pw_name, 1);
|
||||||
|
setenv("USERNAME", pwent->pw_name, 1);
|
@ -5,7 +5,7 @@
|
|||||||
|
|
||||||
Name: tigervnc
|
Name: tigervnc
|
||||||
Version: 1.13.1
|
Version: 1.13.1
|
||||||
Release: 12%{?dist}
|
Release: 13%{?dist}
|
||||||
Summary: A TigerVNC remote display system
|
Summary: A TigerVNC remote display system
|
||||||
|
|
||||||
%global _hardened_build 1
|
%global _hardened_build 1
|
||||||
@ -30,6 +30,7 @@ Patch3: tigervnc-dont-install-appstream-metadata-file.patch
|
|||||||
Patch50: tigervnc-support-username-alias-in-plainusers.patch
|
Patch50: tigervnc-support-username-alias-in-plainusers.patch
|
||||||
Patch51: tigervnc-use-dup-to-get-available-fd-for-inetd.patch
|
Patch51: tigervnc-use-dup-to-get-available-fd-for-inetd.patch
|
||||||
Patch52: tigervnc-add-option-to-force-view-only-remote-connections.patch
|
Patch52: tigervnc-add-option-to-force-view-only-remote-connections.patch
|
||||||
|
Patch53: tigervnc-vncsession-use-bin-sh-when-shell-not-set.patch
|
||||||
|
|
||||||
# Upstreamable patches
|
# Upstreamable patches
|
||||||
Patch80: tigervnc-dont-get-pointer-position-for-floating-device.patch
|
Patch80: tigervnc-dont-get-pointer-position-for-floating-device.patch
|
||||||
@ -197,6 +198,7 @@ popd
|
|||||||
%patch50 -p1 -b .support-username-alias-in-plainusers
|
%patch50 -p1 -b .support-username-alias-in-plainusers
|
||||||
%patch51 -p1 -b .use-dup-to-get-available-fd-for-inetd
|
%patch51 -p1 -b .use-dup-to-get-available-fd-for-inetd
|
||||||
%patch52 -p1 -b .add-option-to-force-view-only-remote-connections
|
%patch52 -p1 -b .add-option-to-force-view-only-remote-connections
|
||||||
|
%patch53 -p1 -b .tigervnc-vncsession-use-bin-sh-when-shell-not-set
|
||||||
|
|
||||||
# Upstreamable patches
|
# Upstreamable patches
|
||||||
%patch80 -p1 -b .dont-get-pointer-position-for-floating-device
|
%patch80 -p1 -b .dont-get-pointer-position-for-floating-device
|
||||||
@ -354,6 +356,10 @@ fi
|
|||||||
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Aug 05 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-13
|
||||||
|
- vncsession: use /bin/sh if the user shell is not set
|
||||||
|
Resolves: RHEL-52827
|
||||||
|
|
||||||
* Fri Jul 12 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-12
|
* Fri Jul 12 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-12
|
||||||
- Fix FTBS: drop already applied Xorg patches
|
- Fix FTBS: drop already applied Xorg patches
|
||||||
Resolves: RHEL-46696
|
Resolves: RHEL-46696
|
||||||
|
Loading…
Reference in New Issue
Block a user