aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--asroot.c135
-rw-r--r--config.mk6
2 files changed, 25 insertions, 116 deletions
diff --git a/asroot.c b/asroot.c
index ff5dfdd..1a422e0 100644
--- a/asroot.c
+++ b/asroot.c
@@ -8,6 +8,7 @@
#include <string.h>
#include <termios.h>
#include <unistd.h>
+#include <libenv.h>
#ifdef WITH_LIBPASSPHRASE
# include <passphrase.h>
@@ -31,64 +32,6 @@
char *argv0;
-/* Keep list in sync with key2root(8)'s list */
-static const char *env_whitelist[] = {
- "DISPLAY=",
- "WAYLAND_DISPLAY=",
- "PATH=",
- "TERM=",
- "COLORTERM=",
- "XAUTHORITY=",
- "LANG=",
- "LANGUAGE=",
- "LOCALE=",
- "LC_CTYPE=",
- "LC_NUMERIC=",
- "LC_TIME=",
- "LC_COLLATE=",
- "LC_MONETARY=",
- "LC_MESSAGES=",
- "LC_PAPER=",
- "LC_NAME=",
- "LC_ADDRESS=",
- "LC_TELEPHONE=",
- "LC_MEASUREMENT=",
- "LC_IDENTIFICATION=",
- "LC_ALL=",
- "LOCPATH=",
- "NLSPATH=",
- "TZ=",
- "TZDIR=",
- "SDL_VIDEO_FULLSCREEN_DISPLAY=",
- "EDITOR=",
- "VISUAL=",
- "BROWSER=",
- "DESKTOP_SESSION=",
- "LS_COLORS=",
- "GTK_THEME=",
- "QT_STYLE_OVERRIDE=",
- "PWD=",
- "OLDPWD=",
- "JAVA_HOME=",
- "_JAVA_AWT_WM_NONREPARENTING=",
- "_JAVA_OPTIONS=",
- "MAIN_ALSA_MIXER=",
- "MAIN_ALSA_CARD=",
- "XDG_SEAT=",
- "XDG_SESSION_TYPE=",
- "XDG_SESSION_CLASS=",
- "XDG_VTNR=",
- "XDG_SESSION_ID=",
- "XDG_DATA_DIRS=",
- "XDG_CONFIG_DIRS=",
- "MANPATH=",
- "INFODIR=",
- "PAGER=",
- "ftp_proxy=",
- "http_proxy=",
- NULL
-};
-
static void
usage(void)
@@ -98,29 +41,13 @@ usage(void)
}
-static char **
+static void
set_environ(void)
{
- char **new_environ;
- size_t i, j, n, len;
+ char *str;
+ size_t len;
struct passwd *pw;
- new_environ = calloc(sizeof(env_whitelist) / sizeof(*env_whitelist) + 5, sizeof(*env_whitelist));
- if (!new_environ) {
- fprintf(stderr, "%s: calloc %zu %zu: %s\n",
- argv0, sizeof(env_whitelist) / sizeof(*env_whitelist) + 5, sizeof(*env_whitelist), strerror(errno));
- exit(EXIT_ERROR);
- }
- for (i = 0, n = 0; env_whitelist[i]; i++) {
- len = strlen(env_whitelist[i]);
- for (j = 0; environ[j]; j++) {
- if (!strncmp(environ[j], env_whitelist[i], len)) {
- new_environ[n++] = environ[j];
- break;
- }
- }
- }
-
errno = 0;
pw = getpwuid(0);
if (!pw) {
@@ -131,47 +58,32 @@ set_environ(void)
exit(EXIT_ERROR);
}
+ libenv_select_variable_list((const char **)(void *)environ, LIBENV_SU_SAFE, LIBENV_END);
+
if (pw->pw_dir && *pw->pw_dir) {
- len = strlen(pw->pw_dir);
- len += sizeof("HOME=");
- new_environ[n] = malloc(len);
- if (!new_environ[n])
- fprintf(stderr, "%s: malloc %zu: %s\n", argv0, len, strerror(errno));
- stpcpy(stpcpy(new_environ[n++], "HOME="), pw->pw_dir);
+ if (setenv("HOME", pw->pw_dir, 1))
+ fprintf(stderr, "%s: setenv HOME %s 1: %s\n", argv0, pw->pw_dir, strerror(errno));
}
if (pw->pw_name && *pw->pw_name) {
- len = strlen(pw->pw_name);
- len += sizeof("LOGNAME=");
- new_environ[n] = malloc(len);
- if (!new_environ[n])
- fprintf(stderr, "%s: malloc %zu: %s\n", argv0, len, strerror(errno));
- stpcpy(stpcpy(new_environ[n++], "LOGNAME="), pw->pw_name);
+ if (setenv("LOGNAME", pw->pw_name, 1))
+ fprintf(stderr, "%s: setenv LOGNAME %s 1: %s\n", argv0, pw->pw_name, strerror(errno));
- len -= sizeof("LOGNAME=");
- len += sizeof("USER=");
- new_environ[n] = malloc(len);
- if (!new_environ[n])
- fprintf(stderr, "%s: malloc %zu: %s\n", argv0, len, strerror(errno));
- stpcpy(stpcpy(new_environ[n++], "USER="), pw->pw_name);
+ if (setenv("USER", pw->pw_name, 1))
+ fprintf(stderr, "%s: setenv USER %s 1: %s\n", argv0, pw->pw_name, strerror(errno));
- len -= sizeof("USER=");
- len += sizeof("MAIL=/var/spool/mail/");
- new_environ[n] = malloc(len);
- if (!new_environ[n])
+ len = sizeof("/var/spool/mail/") + strlen(pw->pw_name);
+ str = malloc(len);
+ if (!str)
fprintf(stderr, "%s: malloc %zu: %s\n", argv0, len, strerror(errno));
- stpcpy(stpcpy(new_environ[n++], "MAIL=/var/spool/mail/"), pw->pw_name);
+ stpcpy(stpcpy(str, "/var/spool/mail/"), pw->pw_name);
+ if (setenv("MAIL", str, 1))
+ fprintf(stderr, "%s: setenv MAIL %s 1: %s\n", argv0, str, strerror(errno));
+ free(str);
}
if (pw->pw_shell && *pw->pw_shell) {
- len = strlen(pw->pw_shell);
- len += sizeof("SHELL=");
- new_environ[n] = malloc(len);
- if (!new_environ[n])
- fprintf(stderr, "%s: malloc %zu: %s\n", argv0, len, strerror(errno));
- stpcpy(stpcpy(new_environ[n++], "SHELL="), pw->pw_shell);
+ if (setenv("SHELL", pw->pw_shell, 1))
+ fprintf(stderr, "%s: setenv SHELL %s 1: %s\n", argv0, pw->pw_shell, strerror(errno));
}
- new_environ[n] = NULL;
-
- return new_environ;
}
@@ -367,7 +279,6 @@ int
main(int argc, char *argv[])
{
int keep_env = 0;
- char **new_environ = NULL;
ARGBEGIN {
case 'e':
@@ -383,7 +294,7 @@ main(int argc, char *argv[])
check_password();
if (!keep_env)
- new_environ = set_environ();
+ set_environ();
if (setgid(0)) {
fprintf(stderr, "%s: setgid 0: %s\n", argv0, strerror(errno));
@@ -394,8 +305,6 @@ main(int argc, char *argv[])
exit(EXIT_ERROR);
}
- if (new_environ)
- environ = new_environ;
execvp(argv[0], argv);
fprintf(stderr, "%s: execvpe %s: %s\n", argv0, argv[0], strerror(errno));
return errno == ENOENT ? EXIT_NOENT : EXIT_EXEC;
diff --git a/config.mk b/config.mk
index dafaf0a..a7589a9 100644
--- a/config.mk
+++ b/config.mk
@@ -1,11 +1,11 @@
PREFIX = /usr
MANPREFIX = $(PREFIX)/share/man
-CC = cc
+CC = c99
CPPFLAGS = -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_XOPEN_SOURCE=700 -D_GNU_SOURCE
-CFLAGS = -std=c99 -Wall -O2
-LDFLAGS = -s -lcrypt
+CFLAGS = -Wall -O2
+LDFLAGS = -s -lcrypt -lenv
# To use libpassphrase, add -DWITH_LIBPASSPHRASE to CPPFLAGS and -lpassphrase to LDFLAGS
generated by cgit v1.2.3-70-g09d2 (git 2.51.0) at 2025-10-31 13:08:52 +0000