Patch for system-wide default environment

Adam Tilghman agt at ieng9.ucsd.edu
Fri Mar 2 11:35:04 EST 2001 

We recently switched to OpenSSH from ssh 1.2.x and 
I quickly noticed that /etc/environment processing has gone AWOL.

This patch adds a new sshd_config variable:

     SysEnvFile
             Specifies a file containing the system-wide default environment
             in ``VARNAME=value'' format (default is none.)  The contents of a
             user's $HOME/.ssh/environment file, if found, will override vari-
             ables set within the SysEnvFile.

There is already some AIX-specific code which reads in /etc/environment.  
I left that code alone for now, but it could probably be removed if this
more general patch is accepted.

Thanks,

Adam Tilghman, UC San Diego

-- 
Adam Tilghman  |  Systems Support / Academic Computing  |     +1 858 822 0711
 agt at ucsd.edu  |  University of California, San Diego   | fax +1 858 534 7018

--- cut here ---

diff -r -c openssh-2.5.1p1/servconf.c openssh-2.5.1p1-1/servconf.c
*** openssh-2.5.1p1/servconf.c	Wed Feb 14 19:08:27 2001
--- openssh-2.5.1p1-1/servconf.c	Thu Mar  1 15:45:03 2001
***************
*** 81,86 ****
--- 81,87 ----
  	options->challenge_reponse_authentication = -1;
  	options->permit_empty_passwd = -1;
  	options->use_login = -1;
+ 	options->sys_environment_file = NULL;
  	options->allow_tcp_forwarding = -1;
  	options->num_allow_users = 0;
  	options->num_deny_users = 0;
***************
*** 210,216 ****
  	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
  	sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
  	sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
! 	sUseLogin, sAllowTcpForwarding,
  	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
  	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
  	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
--- 211,217 ----
  	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
  	sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
  	sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
! 	sUseLogin, sSysEnvFile, sAllowTcpForwarding,
  	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
  	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
  	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
***************
*** 261,266 ****
--- 262,268 ----
  	{ "strictmodes", sStrictModes },
  	{ "permitemptypasswords", sEmptyPasswd },
  	{ "uselogin", sUseLogin },
+ 	{ "sysenvfile", sSysEnvFile },
  	{ "randomseed", sRandomSeedFile },
  	{ "keepalive", sKeepAlives },
  	{ "allowtcpforwarding", sAllowTcpForwarding },
***************
*** 583,588 ****
--- 585,594 ----
  		case sUseLogin:
  			intptr = &options->use_login;
  			goto parse_flag;
+ 
+ 		case sSysEnvFile:
+                         charptr = &options->sys_environment_file;
+                         goto parse_filename;
  
  		case sGatewayPorts:
  			intptr = &options->gateway_ports;
diff -r -c openssh-2.5.1p1/servconf.h openssh-2.5.1p1-1/servconf.h
*** openssh-2.5.1p1/servconf.h	Wed Feb 14 19:08:27 2001
--- openssh-2.5.1p1-1/servconf.h	Thu Mar  1 15:46:40 2001
***************
*** 93,98 ****
--- 93,99 ----
  	int     permit_empty_passwd;	/* If false, do not permit empty
  					 * passwords. */
  	int     use_login;	/* If true, login(1) is used */
+ 	char	*sys_environment_file;
  	int	allow_tcp_forwarding;
  	u_int num_allow_users;
  	char   *allow_users[MAX_ALLOW_USERS];
diff -r -c openssh-2.5.1p1/session.c openssh-2.5.1p1-1/session.c
*** openssh-2.5.1p1/session.c	Sun Feb 18 11:13:34 2001
--- openssh-2.5.1p1-1/session.c	Thu Mar  1 15:46:11 2001
***************
*** 1261,1266 ****
--- 1261,1269 ----
  
  	/* read $HOME/.ssh/environment. */
  	if (!options.use_login) {
+ 		if (options.sys_environment_file != NULL) {
+ 			read_environment_file(&env, &envsize, options.sys_environment_file);
+ 		}
  		snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
  		    pw->pw_dir);
  		read_environment_file(&env, &envsize, buf);
diff -r -c openssh-2.5.1p1/sshd.8 openssh-2.5.1p1-1/sshd.8
*** openssh-2.5.1p1/sshd.8	Wed Feb 14 19:08:28 2001
--- openssh-2.5.1p1-1/sshd.8	Thu Mar  1 16:03:04 2001
***************
*** 669,674 ****
--- 669,681 ----
  file transfer subsystem.
  By default no subsystems are defined.
  Note that this option applies to protocol version 2 only.
+ .It Cm SysEnvFile
+ Specifies a file containing the system-wide default environment in 
+ .Dq VARNAME=value
+ format (default is none.)  The contents of a user's 
+ .Pa $HOME/.ssh/environment 
+ file, if found, will override variables set within the
+ .Cm SysEnvFile .
  .It Cm SyslogFacility
  Gives the facility code that is used when logging messages from
  .Nm sshd .

More information about the openssh-unix-dev mailing list