aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Gierth <andrew@tao146.riddles.org.uk>2021-03-03 18:25:11 +0000
committerKyle Evans <kevans@FreeBSD.org>2021-03-03 18:25:11 +0000
commit55deb0a5f089c8a27cfc1666655b93881c2b47ae (patch)
tree3ce0258b3e2f6040d47a4935133e7e43a7819796
parentaff9b9ee894e3e6b6d8c7e4182d6b973804df853 (diff)
downloadsrc-55deb0a5f089c8a27cfc1666655b93881c2b47ae.tar.gz
src-55deb0a5f089c8a27cfc1666655b93881c2b47ae.zip
service(8): use an environment more consistent with init(8)
init(8) sets the "daemon" login class without specifying a pw entry (so no substitutions are done on the variables). service(8)'s use of env -L had the effect of specifying root's pw entry, with two effects: getpwnam and getpwuid are being called, which may not be entirely safe depending on what nsswitch is up to and what stage of boot we are at, and substitutions would have been done. Fix by teaching env(8) to allow -L -/classname to set the class environment with no pw entry at all specified, and use it in service(8). PR: 253959
-rw-r--r--usr.bin/env/env.17
-rw-r--r--usr.bin/env/env.c25
-rwxr-xr-xusr.sbin/service/service.sh2
3 files changed, 23 insertions, 11 deletions
diff --git a/usr.bin/env/env.1 b/usr.bin/env/env.1
index 8c0527608506..9aff9508e47b 100644
--- a/usr.bin/env/env.1
+++ b/usr.bin/env/env.1
@@ -31,7 +31,7 @@
.\" From FreeBSD: src/usr.bin/printenv/printenv.1,v 1.17 2002/11/26 17:33:35 ru Exp
.\" $FreeBSD$
.\"
-.Dd November 11, 2020
+.Dd March 3, 2021
.Dt ENV 1
.Os
.Sh NAME
@@ -104,6 +104,11 @@ is used, then the specified user's
.Pa ~/.login_conf
is read as well.
The user may be specified by name or by uid.
+If a username of
+.Sq Li \&-
+is given, then no user lookup will be done, the login class will default to
+.Sq Li default
+if not explicitly given, and no substitutions will be done on the values.
.\" -P
.It Fl P Ar altpath
Search the set of directories as specified by
diff --git a/usr.bin/env/env.c b/usr.bin/env/env.c
index e408577ea7a4..0aa42a4663dd 100644
--- a/usr.bin/env/env.c
+++ b/usr.bin/env/env.c
@@ -144,16 +144,23 @@ main(int argc, char **argv)
login_class = strchr(login_name, '/');
if (login_class)
*login_class++ = '\0';
- pw = getpwnam(login_name);
- if (pw == NULL) {
- char *endp = NULL;
- errno = 0;
- uid = strtoul(login_name, &endp, 10);
- if (errno == 0 && *endp == '\0')
- pw = getpwuid(uid);
+ if (*login_name != '\0' && strcmp(login_name,"-") != 0) {
+ pw = getpwnam(login_name);
+ if (pw == NULL) {
+ char *endp = NULL;
+ errno = 0;
+ uid = strtoul(login_name, &endp, 10);
+ if (errno == 0 && *endp == '\0')
+ pw = getpwuid(uid);
+ }
+ if (pw == NULL)
+ errx(EXIT_FAILURE, "no such user: %s", login_name);
}
- if (pw == NULL)
- errx(EXIT_FAILURE, "no such user: %s", login_name);
+ /*
+ * Note that it is safe for pw to be null here; the libutil
+ * code handles that, bypassing substitution of $ and using
+ * the class "default" if no class name is given either.
+ */
if (login_class != NULL) {
lc = login_getclass(login_class);
if (lc == NULL)
diff --git a/usr.sbin/service/service.sh b/usr.sbin/service/service.sh
index 9646aae67b0c..76cce580c5b4 100755
--- a/usr.sbin/service/service.sh
+++ b/usr.sbin/service/service.sh
@@ -171,7 +171,7 @@ cd /
for dir in /etc/rc.d $local_startup; do
if [ -x "$dir/$script" ]; then
[ -n "$VERBOSE" ] && echo "$script is located in $dir"
- exec env -i -L 0/daemon HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin "$dir/$script" "$@"
+ exec env -i -L -/daemon HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin "$dir/$script" "$@"
fi
done