Package: libpam-runtime
Version: 0.76-22
Severity: important
Tags: patch
pam_getenv doesn't work at all. It has the following problems:
* It attempts to parse /etc/environment using the syntax of
/etc/security/pam_env.conf (the DEFAULT and OVERRIDE stuff). That
won't work.
* It says 'my $val;' inside a block, and then attempts to access $val
outside that block.
* It exits zero even when it fails to find the environment variable
you asked for. I suppose this might not be considered a bug, but it
seems likely to cause unreliability in scripts that could otherwise
say something like 'LANG="$(pam_getenv -l LANG || echo C)"'.
The attached patch corrects these problems. I won't really object much
if you decide it should exit zero, but the script is useless unless the
other two points are fixed.
Thanks,
--
Colin Watson [EMAIL PROTECTED]
diff -u pam-0.76/debian/local/pam_getenv pam-0.76/debian/local/pam_getenv
--- pam-0.76/debian/local/pam_getenv
+++ pam-0.76/debian/local/pam_getenv
@@ -23,6 +23,11 @@
system locale information. These options will allow this script to be
a stable interface even in that environment.
+=head1 EXIT STATUS
+
+Zero if the environment variable was found; non-zero if it was not found or
+if some error occurred.
+
=cut
# Copyright 2004 by Sam Hartman
@@ -30,12 +35,13 @@
# version 2, or at your option any later version.
use strict;
-use vars qw(*ENVFILE);
+use vars qw(*CONFIGFILE *ENVFILE);
-sub read_line() {
+sub read_line($) {
+ my $fh = shift;
my $line;
local $_;
- line: while (<ENVFILE>) {
+ line: while (<$fh>) {
chomp;
s/^\s+//;
s/\#.*$//;
@@ -81,21 +87,44 @@
-
-
-open (ENVFILE, "/etc/environment")
- or die "Cannot open environment file: $!\n";
-
+my $lookup;
while ($_ = shift) {
next if $_ eq "-s";
next if $_ eq "-l";
-my $var;
- variable: while ($var = parse_line(read_line())) {
- my $val;
- next variable unless $var->{Name} eq $_;
-unless ($val = expand_val($var->{Override})) {
- $val = expand_val($var->{Default});
+ $lookup = $_;
+ last;
+}
+
+unless (defined $lookup) {
+ die "Usage: pam_getenv [-l] [-s] env_var\n";
}
- print ($val, "\n");
- exit(0);
+
+my %allvars;
+
+open (CONFIGFILE, "/etc/security/pam_env.conf")
+ or die "Cannot open environment file: $!\n";
+
+while (my $var = parse_line(read_line(\*CONFIGFILE))) {
+ my $val;
+ unless ($val = expand_val($var->{Override})) {
+ $val = expand_val($var->{Default});
}
+ $allvars{$var->{Name}} = $val;
}
-
+if (open (ENVFILE, "/etc/environment")) {
+ while (my $line = read_line(\*ENVFILE)) {
+ $line =~ s/^export //;
+ $line =~ /(.*?)=(.+)/ or next;
+ my ($var, $val) = ($1, $2);
+ # This is bizarre logic (" and ' match each other, quotes are only
+ # significant at the start and end of the string, and the trailing quote
+ # may be omitted), but it's what pam_env does.
+ $val =~ s/^["'](.*?)["']?$/$1/;
+ $allvars{$var} = $val;
+ }
+}
+
+if (exists $allvars{$lookup}) {
+ print $allvars{$lookup}, "\n";
+ exit(0);
+} else {
+ exit(1);
+}
diff -u pam-0.76/debian/changelog pam-0.76/debian/changelog
--- pam-0.76/debian/changelog
+++ pam-0.76/debian/changelog
@@ -1,3 +1,14 @@
+pam (0.76-22ubuntu3) breezy; urgency=low
+
+ * Fix pam_getenv, which never worked:
+ - Parse /etc/security/pam_env.conf using its own syntax, and then
+ /etc/environment using its own syntax rather than the syntax of
+ /etc/security/pam_env.conf.
+ - 'my $val' was used in an incorrect scope; fixed.
+ - Exit non-zero if the requested environment variable is not found.
+
+ -- Colin Watson <[EMAIL PROTECTED]> Mon, 12 Sep 2005 18:32:54 +0100
+
pam (0.76-22ubuntu2) breezy; urgency=low
* debian/rules: Install unix_chkpwd setgid shadow instead of setuid root.
