[Bug 3247] New: SendEnv exclusion doesn't work as documented
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sun Jan 3 01:35:26 AEDT 2021
https://bugzilla.mindrot.org/show_bug.cgi?id=3247
Bug ID: 3247
Summary: SendEnv exclusion doesn't work as documented
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: guilhem at fripost.org
AFAICT it's not possible to clear a variable (or variable pattern)
previously set in another file. Consider a configuration file
containing
Host *
SendEnv X_* XYZ
Assuming I read the manual correctly, the following command should send
neither X_FOO nor XYZ:
$ X_FOO=foo XYZ=xyz ssh -F/path/to/ssh.conf -oSendEnv=-X\*
localhost env | grep -e^{X_,XYZ}
X_FOO=foo
XYZ=xyz
And this one to send neither X_FOO nor X_BAR nor XYZ, but only
X_BAZ=baz:
$ X_FOO=foo X_BAR=bar XYZ=xyz ssh -F/path/to/ssh.conf
-oSendEnv=-X_\* -oSendEnv=-XYZ -oSetEnv=X_BAZ=baz localhost env | grep
-e^{X_,XYZ}
X_FOO=foo
X_BAZ=baz
X_BAR=bar
XYZ=xyz
Interestingly, exclusion works differently when the SendEnv options are
all at the same level (either in CLI options or in the same
configuration file):
$ X_FOO=foo X_BAR=bar ssh -F/dev/null -oSendEnv=X_{FOO,BAR}
-oSendEnv=-X_BAR localhost env | grep ^X_
X_FOO=foo
$ X_FOO=foo X_BAR=bar ssh -F/dev/null -oSendEnv=X_\*
-oSendEnv=-X_\* -oSetEnv=X_BAZ=baz localhost env | grep ^X_
X_BAZ=baz
Both output are what one would expect. However excluding a variable
from wildcard is not: the following command should not have sent X_BAR,
only X_FOO
$ X_FOO=foo X_BAR=bar ssh -F/dev/null -oSendEnv=X_\*
-oSendEnv=-X_BAR localhost env | grep ^X_
X_FOO=foo
X_BAR=bar
(For the context, Debian's /etc/ssh/ssh_config contains "SendEnv LC_*"
for all hosts; I want to override that to send some selected hosts
LC_ALL=C and no other LC_*.)
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list