[Bug 1346] PAM environment takes precedence over SendEnv
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Mon Dec 15 02:19:48 EST 2008
https://bugzilla.mindrot.org/show_bug.cgi?id=1346
--- Comment #17 from Jean-Christophe Dubacq <jcdubacq1 at free.fr> 2008-12-15 02:19:46 ---
The alias capability is a glibc feature, indeed. I found it quite
reliable, but the real locale is la_CO.charset. This works correctly on
Linux and MacOSX and, I presume on BSD, since MacOSX is derived from
it. Working on Linux/MacOSX/BSD is enough of a standard for me.
> Sentence above confirm that reported issue is configuration problem -
> system default setting override already set variable !!!!
This is because there is no known way to set variable AFTER default
setting.
If you look at session.c around line 1265 (openssh 5.1p1), you will see
that the variables sent by SendEnv are put in a new environment, THEN
the pam environment is copied over this environment. This means that
pam never sees the SendEnv variables (which would be another solution
to the problem, since pam_env has a syntax for not overriding a preset
variable). However, when the pam authentication is done, the variables
are not set (and pam does not see them).
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list