- (djm) Add --with-superuser-path=xxx configure option to specify what $PATH

the superuser receives.
author: Damien Miller <djm@mindrot.org> 2002-05-13 10:48:57 +1000
committer: Damien Miller <djm@mindrot.org> 2002-05-13 10:48:57 +1000
commit: a18bbd398e053acb58a79a2b4e0f13b4db8a0bae (patch)
tree: 0d570609b81ffd0217ce20c46058d3cdad593d72
parent: 802b9568686032c81e4a998dc282df6ed63d4090 (diff)
3 files changed, 28 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index b617a79ef..c4e583fe1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20020513
+ - (djm) Add --with-superuser-path=xxx configure option to specify what $PATH
+   the superuser receives.
 20020511
 - (tim) [configure.ac] applied a rework of djm's OpenSSL search cleanup patch.
   Now only searches system and /usr/local/ssl (OpenSSL's default install path)
@@ -567,4 +571,4 @@
 - (stevesk) entropy.c: typo in debug message
 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
-$Id: ChangeLog,v 1.2106 2002/05/11 22:30:04 tim Exp $
+$Id: ChangeLog,v 1.2107 2002/05/13 00:48:57 djm Exp $
diff --git a/configure.ac b/configure.ac
index 637b14e40..1b8aa5e1c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.56 2002/05/11 20:17:44 tim Exp $
+# $Id: configure.ac,v 1.57 2002/05/13 00:48:58 djm Exp $
 AC_INIT
 AC_CONFIG_SRCDIR([ssh.c])
@@ -2011,6 +2011,19 @@ if test "$USES_LOGIN_CONF" != "yes" ; then
        AC_SUBST(user_path)
 fi
+# Set superuser path separately to user path
+MD5_MSG="no" 
+AC_ARG_WITH(superuser-path,
+        [  --with-superuser-path=  Specify different path for super-user],
+        [
+                if test "x$withval" != "xno" ; then
+                        AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
+                        superuser_path=$withval
+                fi
+        ]
+)
 # Whether to force IPv4 by default (needed on broken glibc Linux)
 IPV4_HACK_MSG="no" 
 AC_ARG_WITH(ipv4-default,
@@ -2351,6 +2364,7 @@ E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
 F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
 G=`eval echo ${piddir}` ; G=`eval echo ${G}`
 H=`eval echo ${user_path}` ; H=`eval echo ${H}`
+I=`eval echo ${superuser_path}` ; I=`eval echo ${I}`
 echo ""
 echo "OpenSSH has been configured with the following options:"
@@ -2365,6 +2379,9 @@ echo "        At runtime, sshd will use the path defined in /etc/login.conf"
 else
 echo "        sshd default user PATH: $H"
 fi
+if test ! -z "$superuser_path" ; then
+echo "      sshd superuser user PATH: $I"
+fi
 echo "                Manpage format: $MANTYPE"
 echo "                   PAM support: ${PAM_MSG}"
 echo "            KerberosIV support: $KRB4_MSG"
diff --git a/session.c b/session.c
index 20e6a889f..10d803e98 100644
--- a/session.c
+++ b/session.c
@@ -871,7 +871,12 @@ do_setup_env(Session *s, const char *shell)
                 * needed for loading shared libraries. So the path better
                 * remains intact here.
                 */
+#  ifdef SUPERUSER_PATH
+                child_set_env(&env, &envsize, "PATH", 
+                    s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH);
+#  else 
                child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
+#  endif /* SUPERUSER_PATH */
 # endif /* HAVE_CYGWIN */
 #endif /* HAVE_LOGIN_CAP */
author	Damien Miller <djm@mindrot.org>	2002-05-13 10:48:57 +1000
committer	Damien Miller <djm@mindrot.org>	2002-05-13 10:48:57 +1000
commit	a18bbd398e053acb58a79a2b4e0f13b4db8a0bae (patch)
tree	0d570609b81ffd0217ce20c46058d3cdad593d72
parent	802b9568686032c81e4a998dc282df6ed63d4090 (diff)