diff options
| author | Sean Whitton <spwhitton@spwhitton.name> | 2021-07-01 23:08:58 -0700 |
|---|---|---|
| committer | Sean Whitton <spwhitton@spwhitton.name> | 2021-07-06 21:19:39 -0700 |
| commit | 60d2ca122ee7dc29fc66b4364bcf79f5a7041b64 (patch) | |
| tree | 60c6a0b68d5d08cec4dd12c3b9064a657a97823b /src/connection | |
| parent | b98a381028b03e1b71b9ade24a9999d858134b2f (diff) | |
| download | consfigurator-60d2ca122ee7dc29fc66b4364bcf79f5a7041b64.tar.gz | |
add POSIX-LOGIN-ENVIRONMENT and use in :SETUID connection
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
Diffstat (limited to 'src/connection')
| -rw-r--r-- | src/connection/setuid.lisp | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/src/connection/setuid.lisp b/src/connection/setuid.lisp index 2137f52..9b7257f 100644 --- a/src/connection/setuid.lisp +++ b/src/connection/setuid.lisp @@ -53,15 +53,13 @@ :datadir datadir :connattrs `(:remote-uid ,uid :remote-gid ,gid + :remote-user ,to :remote-home ,home)) remaining)))) (defmethod post-fork ((connection setuid-connection)) - ;; TODO Set up the new environment more systematically. Perhaps look at how - ;; runuser(1) uses PAM to do this. (let ((uid (connection-connattr connection :remote-uid)) - (gid (connection-connattr connection :remote-gid)) - (home (connection-connattr connection :remote-home))) + (gid (connection-connattr connection :remote-gid))) (run-program (list "chown" "-R" (format nil "~A:~A" uid gid) (unix-namestring (slot-value connection 'datadir)))) @@ -69,5 +67,6 @@ (error "setgid(2) failed!")) (unless (zerop (setuid uid)) (error "setuid(2) failed!")) - (setf (getenv "HOME") (unix-namestring home)) - (uiop:chdir home))) + (posix-login-environment + (connection-connattr connection :remote-user) + (connection-connattr connection :remote-home)))) |