Launchpad has imported 6 comments from the remote bug at https://bugs.freedesktop.org/show_bug.cgi?id=62016.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2013-03-08T10:58:55+00:00 Martin Pitt wrote: Various pam modules provide environment variables that are intended to be set in the environment of the pam session. pkexec needs to process the output of pam_getenvlist() to get these. This will e. g. apply correct locales in pkexec when they are configured in pam_environment. Reply at: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/982684/comments/23 ------------------------------------------------------------------------ On 2013-03-08T11:01:25+00:00 Martin Pitt wrote: Created attachment 76150 pkexec: Set process environment from pam_getenvlist() Steve Langasek applied this patch a while ago to the Ubuntu packages. I adjusted it for current git master and brought it into git format-patch form. Reply at: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/982684/comments/24 ------------------------------------------------------------------------ On 2013-03-08T18:06:28+00:00 Zeuthen wrote: I'm not sure that's a good idea ... but I can probably be convinced that it is :-) ... So apart from locales, can you give examples of such PAM modules and the environment variables that are set? Thanks. Reply at: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/982684/comments/25 ------------------------------------------------------------------------ On 2013-03-08T18:08:38+00:00 Zeuthen wrote: Comment on attachment 76150 pkexec: Set process environment from pam_getenvlist() Review of attachment 76150: ----------------------------------------------------------------- Looks good but the the coding style is wrong - curly-braces / indentation wrong - should use guint instead of int - should use 'n' as a counter/iterator, not 'i' (like the rest of the code) These are style issues but consistency is important. Reply at: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/982684/comments/26 ------------------------------------------------------------------------ On 2013-03-11T08:31:41+00:00 Steve Langasek wrote: On Fri, Mar 08, 2013 at 06:06:28PM +0000, [email protected] wrote: > ... So apart from locales, can you give examples of such PAM modules and > the environment variables that are set? Thanks. The pam_env module is a big one, which is used by admins to configure arbitrary environment settings for all sessions. The specific case that prompted this had to do with proxy settings configured in the environment. Other modules that may need to set environment variables include pam_krb5 and pam_afs_session, whose environment settings may be required for proper filesystem access. Reply at: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/982684/comments/27 ------------------------------------------------------------------------ On 2013-03-11T08:48:38+00:00 Martin Pitt wrote: Created attachment 76324 pkexec: Set process environment from pam_getenvlist() Fixed coding style. Reply at: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/982684/comments/28 ** Changed in: policykit Status: Unknown => Incomplete ** Changed in: policykit Importance: Unknown => Medium -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to policykit-1 in Ubuntu. https://bugs.launchpad.net/bugs/982684 Title: sudo, pkexec don't apply global environment settings from /etc/environment Status in PolicyKit: Incomplete Status in “policykit-1” package in Ubuntu: Fix Released Status in “sudo” package in Ubuntu: Fix Released Status in “policykit-1” source package in Precise: Fix Released Status in “sudo” source package in Precise: Fix Released Status in “policykit-1” source package in Quantal: Fix Released Status in “sudo” source package in Quantal: Fix Released Bug description: [Impact] In connection with the recent update-notifier changes (https://wiki.ubuntu.com/Specs/UpdateNotifierPackageDataDownloader), some users who were previously able to download the flashplugin via the apt proxy settings are now unable to download it when running, e.g., 'sudo apt-get install'. The reason for this is that, even though a global proxy may be configured in /etc/environment, sudo does not allow $http_proxy to be inherited by default and does not reapply the environment from /etc/environment (and from /etc/default/locale) via pam_env. The first part is reasonable, but I question the second part. Since these are global config files, I believe it's safe for sudo to apply the environment settings by default just as 'su' does; and the settings are intended to apply globally, which would include to sudo sessions. This would make update-notifier work more reliably for users with proxies, and would probably help with a variety of other cases where global variables are currently not being set as expected for sudo. [Test Case] 1. Set 'http_proxy=invalid' in /etc/environment 2. Run 'sudo wget http://www.ubuntu.com/', 'pkexec wget http://www.ubuntu.com/' 3. Verify that the commands return successfully 4. Install updated sudo, policykit-1 packages from precise-proposed 5. Repeat the commands from step 2 6. Verify that the commands now fail with an error about invalid proxies 7. Remove the http_proxy line from /etc/environment [Regression potential] Some users may consider it a feature that global settings from /etc/environment are not applied to sudo and/or pkexec. However, this is not by design; the cost of not being able to correctly support proxies for users is greater than the cost of changing this behavior in an SRU and breaking expectations of users regarding undocumented behavior. ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: sudo 1.8.3p1-1ubuntu3 ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14 Uname: Linux 3.2.0-22-generic x86_64 ApportVersion: 2.0.1-0ubuntu3 Architecture: amd64 CheckboxSubmission: 017452a27eca3c8b498abbfa5ef91db9 CheckboxSystem: ecaaad6fa1e0799a0aa1126bf620f39e Date: Sun Apr 15 16:41:17 2012 InstallationMedia: Ubuntu 10.04.1 LTS "Lucid Lynx" - Release amd64 (20100816.1) ProcEnviron: TERM=xterm PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: sudo UpgradeStatus: Upgraded to precise on 2011-11-08 (159 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/policykit/+bug/982684/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
