opendoas

my fork of doas with custom prompt
git clone git://git.kocotian.pl/opendoas.git
Log | Files | Refs | README | LICENSE

commit 2103dd548aaa63339fd9137a4c9bb1e041921c28
parent 78ab134cc3541d3dc9ad55044cbad5c0c8539147
Author: tedu <tedu>
Date:   Mon, 17 Jun 2019 19:51:23 +0000

setusercontext resets PATH (which we want). but then it becomes impossible to access the old PATH. save a copy in case we need it later. bug report from espie.

Diffstat:
Mdoas.c | 18++++++++++++++++++
Mdoas.h | 2++
Menv.c | 10++++++++--
3 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/doas.c b/doas.c @@ -257,6 +257,7 @@ main(int argc, char **argv) const char *confpath = NULL; char *shargv[] = { NULL, NULL }; char *sh; + const char *p; const char *cmd; char cmdline[LINE_MAX]; #ifdef __OpenBSD__ @@ -411,7 +412,24 @@ main(int argc, char **argv) # endif } + if ((p = getenv("PATH")) != NULL) + formerpath = strdup(p); + if (formerpath == NULL) + formerpath = ""; + +# ifdef __OpenBSD__ + if (unveil(_PATH_LOGIN_CONF, "r") == -1 || + unveil(_PATH_LOGIN_CONF ".db", "r") == -1) + err(1, "unveil"); +# endif + if (rule->cmd) { + if (setenv("PATH", safepath, 1) == -1) + err(1, "failed to set PATH '%s'", safepath); + } # ifdef __OpenBSD__ + if (unveilcommands(getenv("PATH"), cmd) == 0) + goto fail; + if (pledge("stdio rpath getpw exec id", NULL) == -1) err(1, "pledge"); # endif diff --git a/doas.h b/doas.h @@ -29,6 +29,8 @@ extern struct rule **rules; extern int nrules; extern int parse_errors; +extern const char *formerpath; + struct passwd; char **prepenv(const struct rule *, const struct passwd *, diff --git a/env.c b/env.c @@ -29,6 +29,8 @@ #include "doas.h" #include "includes.h" +const char *formerpath; + struct envnode { RB_ENTRY(envnode) node; const char *key; @@ -199,8 +201,12 @@ fillenv(struct env *env, const char **envlist) /* assign value or inherit from environ */ if (eq) { val = eq + 1; - if (*val == '$') - val = getenv(val + 1); + if (*val == '$') { + if (strcmp(val + 1, "PATH") == 0) + val = formerpath; + else + val = getenv(val + 1); + } } else { val = getenv(name); }