Hi,
I used the patch from ticket#24 and enhanced it with documentation.
Ok to submit?
diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c
index e04f5b5..1bfdf08 100644
--- a/modules/pam_env/pam_env.c
+++ b/modules/pam_env/pam_env.c
@@ -676,7 +676,7 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const
char *name)
const void *itemval;
D(("Called."));
- if (strcmp(name, "PAM_USER") == 0) {
+ if (strcmp(name, "PAM_USER") == 0 || strcmp(name, "HOME") == 0 ||
strcmp(name, "SHELL") == 0) {
item = PAM_USER;
} else if (strcmp(name, "PAM_USER_PROMPT") == 0) {
item = PAM_USER_PROMPT;
@@ -696,6 +696,19 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const
char *name)
D(("pam_get_item failed"));
return NULL; /* let pam_get_item() log the error */
}
+
+ if (itemval && (strcmp(name, "HOME") == 0 || strcmp(name,
"SHELL") == 0)) {
+ struct passwd *user_entry;
+ user_entry = pam_modutil_getpwnam (pamh, (char *) itemval);
+ if (!user_entry) {
+ pam_syslog(pamh, LOG_ERR, "No such user!?");
+ return NULL;
+ }
+ return (strcmp(name, "SHELL") == 0) ?
+ user_entry->pw_shell :
+ user_entry->pw_dir;
+ }
+
D(("Exit."));
return itemval;
}
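Review bot: The new HOME/SHELL branch returns `user_entry->pw_dir` or `user_entry->pw_shell` without checking that the field is set and non-empty. With an empty home in the passwd entry, the documented example `XDG_DATA_HOME @{HOME}/share/` would presumably expand to `/share/`; the expansion code is outside this hunk, so that is inferred. Selecting the field into a local and guarding it with `if (!val || *val == '\0') return NULL;` before returning would treat such an entry like a missing item. The `(char *)` cast on `itemval` discards const and should not be needed, since `pam_modutil_getpwnam()` takes a `const char *`. The "No such user!?" message would be easier to triage if it named the variable being expanded, e.g. `pam_syslog(pamh, LOG_ERR, "No passwd entry while expanding @{%s}", name);`.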
diff --git a/modules/pam_env/pam_env.conf.5.xml b/modules/pam_env/pam_env.conf.5.xml
index 45950b8..4040275 100644
--- a/modules/pam_env/pam_env.conf.5.xml
+++ b/modules/pam_env/pam_env.conf.5.xml
@@ -43,14 +43,16 @@
<para>
(Possibly non-existent) environment variables may be used in values
- using the ${string} syntax and (possibly non-existent) PAM_ITEMs may
- be used in values using the @{string} syntax. Both the $ and @
- characters can be backslash escaped to be used as literal values
+ using the ${string} syntax and (possibly non-existent) PAM_ITEMs as well
+ as HOME and SHELL may be used in values using the @{string} syntax. Both
+ the $ and @ characters can be backslash escaped to be used as literal values
values can be delimited with "", escaped " not supported.
Note that many environment variables that you would like to use
may not be set by the time the module is called.
- For example, HOME is used below several times, but
+ For example, ${HOME} is used below several times, but
many PAM applications don't make it available by the time you need it.
+ The special variables @{HOME} and @{SHELL} are expanded to the values
+ for the user from his <emphasis>passwd</emphasis> entry.
</para>
<para>
@@ -92,6 +94,7 @@
NNTPSERVER DEFAULT=localhost
PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\
:/usr/bin:/usr/local/bin/X11:/usr/bin/X11
+ XDG_DATA_HOME @{HOME}/share/
</programlisting>
<para>
--
Thorsten Kukuk, Senior Architect SLES & Common Code Base
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
GF: Felix Imendörffer, Jane Smithard, Jennifer Guild, Dilip Upmanyu, Graham Norton, HRB
21284 (AG Nürnberg)
On 25.3.2015 13:05, Thorsten Kukuk wrote:
Hi,
I used the patch from ticket#24 and enhanced it with documentation.
Ok to submit?
Fine with me.
Tomas