Hello community, here is the log from the commit of package util-linux for openSUSE:Factory checked in at 2019-05-21 10:19:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/util-linux (Old) and /work/SRC/openSUSE:Factory/.util-linux.new.5148 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "util-linux" Tue May 21 10:19:12 2019 rev:237 rq:701846 version:2.33.2 Changes: -------- --- /work/SRC/openSUSE:Factory/util-linux/python3-libmount.changes 2019-03-08 12:00:39.387962465 +0100 +++ /work/SRC/openSUSE:Factory/.util-linux.new.5148/python3-libmount.changes 2019-05-21 10:19:17.555637323 +0200 @@ -1,0 +2,21 @@ +Thu May 9 21:00:29 CEST 2019 - [email protected] + +- Update to version 2.33.2 (bsc#1134337): + * agetty: Fix 8-bit processing in get_logname() (bsc#1125886). + * mount: Fix "mount" output for net file systems (bsc#1122417). + * Many Other fixes, see + https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes + +------------------------------------------------------------------- +Thu May 2 23:51:45 CEST 2019 - [email protected] + +- Fix problems in reading of login.defs values (bsc#1121197, + util-linux-login_defs-priority1.patch, + util-linux-login_defs-priority2.patch, + util-linux-login_defs-SYS_UID.patch). +- Perform one-time reset of /etc/default/su (bsc#1121197). +- Add virtual symbols for login.defs compatibility (bsc#1121197). +- Add login.defs safety check util-linux-login_defs-check.sh + (bsc#1121197). + +------------------------------------------------------------------- @@ -5,0 +27,5 @@ + +------------------------------------------------------------------- +Mon Mar 4 13:00:08 UTC 2019 - Dominique Leuenberger <[email protected]> + +- Drop bc BuildRequires: not needed. util-linux-systemd.changes: same change --- /work/SRC/openSUSE:Factory/util-linux/util-linux.changes 2019-03-08 12:00:40.715962240 +0100 +++ /work/SRC/openSUSE:Factory/.util-linux.new.5148/util-linux.changes 2019-05-21 10:19:20.927636638 +0200 @@ -1,0 +2,21 @@ +Thu May 9 21:00:29 CEST 2019 - [email protected] + +- Update to version 2.33.2 (bsc#1134337): + * agetty: Fix 8-bit processing in get_logname() (bsc#1125886). + * mount: Fix "mount" output for net file systems (bsc#1122417). + * Many Other fixes, see + https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes + +------------------------------------------------------------------- +Thu May 2 23:51:45 CEST 2019 - [email protected] + +- Fix problems in reading of login.defs values (bsc#1121197, + util-linux-login_defs-priority1.patch, + util-linux-login_defs-priority2.patch, + util-linux-login_defs-SYS_UID.patch). +- Perform one-time reset of /etc/default/su (bsc#1121197). +- Add virtual symbols for login.defs compatibility (bsc#1121197). +- Add login.defs safety check util-linux-login_defs-check.sh + (bsc#1121197). + +------------------------------------------------------------------- Old: ---- util-linux-2.33.1.tar.sign util-linux-2.33.1.tar.xz New: ---- util-linux-2.33.2.tar.sign util-linux-2.33.2.tar.xz util-linux-login_defs-SYS_UID.patch util-linux-login_defs-check.sh util-linux-login_defs-priority1.patch util-linux-login_defs-priority2.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-libmount.spec ++++++ --- /var/tmp/diff_new_pack.Rmm2EA/_old 2019-05-21 10:19:21.831636454 +0200 +++ /var/tmp/diff_new_pack.Rmm2EA/_new 2019-05-21 10:19:21.831636454 +0200 @@ -75,7 +75,6 @@ License: GPL-2.0-or-later Group: %main_group BuildRequires: audit-devel -BuildRequires: bc BuildRequires: binutils-devel BuildRequires: fdupes BuildRequires: gettext-devel @@ -116,7 +115,7 @@ %endif %endif #END SECOND STAGE DEPENDENCIES -Version: 2.33.1 +Version: 2.33.2 Release: 0 # util-linux is a base package and uuidd pre-requiring pwdutils pulls # that into the core build cycle. pwdutils also pulls in the whole @@ -127,6 +126,7 @@ Url: https://www.kernel.org/pub/linux/utils/util-linux/ Source: https://www.kernel.org/pub/linux/utils/util-linux/v2.33/util-linux-%{version}.tar.xz Source1: util-linux-rpmlintrc +Source2: util-linux-login_defs-check.sh Source4: raw.service Source5: etc.raw Source6: etc_filesystems @@ -145,6 +145,12 @@ Patch0: make-sure-sbin-resp-usr-sbin-are-in-PATH.diff Patch1: libmount-print-a-blacklist-hint-for-unknown-filesyst.patch Patch2: Add-documentation-on-blacklisted-modules-to-mount-8-.patch +# PATCH-FIX-UPSTREAM util-linux-login_defs-priority1.patch bsc1121197 [email protected] -- Fix priorities of login.defs values. +Patch3: util-linux-login_defs-priority1.patch +# PATCH-FIX-UPSTREAM util-linux-login_defs-priority2.patch bsc1121197 [email protected] -- Fix priorities of login.defs values. +Patch4: util-linux-login_defs-priority2.patch +# PATCH-FIX-UPSTREAM util-linux-login_defs-SYS_UID.patch bsc1121197 [email protected] -- Fix discrepancies in SYS_UID* fallback. +Patch5: util-linux-login_defs-SYS_UID.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build # %if %build_util_linux @@ -174,6 +180,10 @@ # uuid-runtime appeared in SLE11 SP1 to SLE11 SP3 Provides: uuid-runtime = %{version}-%{release} Obsoletes: uuid-runtime <= 2.19.1 +# All login.defs variables require support from shadow side. +# Upgrade this symbol version only if new variables appear! +# Verify by shadow-login_defs-check.sh from shadow source package. +Requires: login_defs-support-for-util-linux >= 2.33.1 # # Using "Requires" here would lend itself to help upgrading, but since # util-linux is in the initial bootstrap, that is not a good thing to do: @@ -380,11 +390,16 @@ %endif %prep %setup -q -n %{_name}-%{version} +cp -a %{S:2} . %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 %build +bash ./util-linux-login_defs-check.sh %if %build_util_linux # #BEGIN SYSTEMD SAFETY CHECK @@ -720,12 +735,6 @@ %if %build_util_linux %pre %service_add_pre raw.service -# Check whether we are upgrading from < Leap 15 or SLE 15 -# Check for /sbin/su and not /usr/sbin/su, as it exists in all old versions. -# (bsc#353876#c7) -if test -e /bin/su && ! ( LANG=C su --help 2>/dev/null) | grep -q -- --pty ; then - touch %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT 2>/dev/null || : -fi %post %service_add_post raw.service @@ -749,19 +758,19 @@ fi done # %{_sysconfdir}/default/su is tagged as noreplace. -# But we want to upgrade to a more secure default on upgrade. -# Perform one-time change of ALWAYS_SET_ROOT. (bsc#353876#c7) -if test -f %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT -a -f %{_sysconfdir}/default/su && - grep -q ^ALWAYS_SET_PATH=no %{_sysconfdir}/default/su ; then +# But we want to migrate variables to /etc/login.defs (bsc#1121197). +# Perform one-time config replace. +if ! grep -q "^# /etc/default/su is an override" %{_sysconfdir}/default/su ; then + if test -f %{_sysconfdir}/default/su.rpmnew ; then if ! test -f %{_sysconfdir}/default/su.rpmorig ; then cp -a %{_sysconfdir}/default/su %{_sysconfdir}/default/su.rpmorig fi - sed -i s/^ALWAYS_SET_PATH=no/ALWAYS_SET_PATH=yes/ %{_sysconfdir}/default/su - echo "One time change of %{_sysconfdir}/default/su was performed." >&2 - echo "ALWAYS_SET_PATH was set to more secure value \"yes\"." >&2 - echo "If it is not intended, you can safely change it back. It will not be changed again." >&2 + mv %{_sysconfdir}/default/su.rpmnew %{_sysconfdir}/default/su + echo "One time clean-up of %{_sysconfdir}/default/su was performed." >&2 + echo "Original contents was saved to %{_sysconfdir}/default/su.rpmorig." >&2 + echo "Please edit %{_sysconfdir}/login.defs or %{_sysconfdir}/default/su to restore your customization." >&2 + fi fi -rm -f %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT %preun %service_del_preun raw.service util-linux-systemd.spec: same change ++++++ util-linux.spec ++++++ --- /var/tmp/diff_new_pack.Rmm2EA/_old 2019-05-21 10:19:21.899636440 +0200 +++ /var/tmp/diff_new_pack.Rmm2EA/_new 2019-05-21 10:19:21.899636440 +0200 @@ -115,7 +115,7 @@ %endif %endif #END SECOND STAGE DEPENDENCIES -Version: 2.33.1 +Version: 2.33.2 Release: 0 # util-linux is a base package and uuidd pre-requiring pwdutils pulls # that into the core build cycle. pwdutils also pulls in the whole @@ -126,6 +126,7 @@ Url: https://www.kernel.org/pub/linux/utils/util-linux/ Source: https://www.kernel.org/pub/linux/utils/util-linux/v2.33/util-linux-%{version}.tar.xz Source1: util-linux-rpmlintrc +Source2: util-linux-login_defs-check.sh Source4: raw.service Source5: etc.raw Source6: etc_filesystems @@ -144,6 +145,12 @@ Patch0: make-sure-sbin-resp-usr-sbin-are-in-PATH.diff Patch1: libmount-print-a-blacklist-hint-for-unknown-filesyst.patch Patch2: Add-documentation-on-blacklisted-modules-to-mount-8-.patch +# PATCH-FIX-UPSTREAM util-linux-login_defs-priority1.patch bsc1121197 [email protected] -- Fix priorities of login.defs values. +Patch3: util-linux-login_defs-priority1.patch +# PATCH-FIX-UPSTREAM util-linux-login_defs-priority2.patch bsc1121197 [email protected] -- Fix priorities of login.defs values. +Patch4: util-linux-login_defs-priority2.patch +# PATCH-FIX-UPSTREAM util-linux-login_defs-SYS_UID.patch bsc1121197 [email protected] -- Fix discrepancies in SYS_UID* fallback. +Patch5: util-linux-login_defs-SYS_UID.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build # %if %build_util_linux @@ -173,6 +180,10 @@ # uuid-runtime appeared in SLE11 SP1 to SLE11 SP3 Provides: uuid-runtime = %{version}-%{release} Obsoletes: uuid-runtime <= 2.19.1 +# All login.defs variables require support from shadow side. +# Upgrade this symbol version only if new variables appear! +# Verify by shadow-login_defs-check.sh from shadow source package. +Requires: login_defs-support-for-util-linux >= 2.33.1 # # Using "Requires" here would lend itself to help upgrading, but since # util-linux is in the initial bootstrap, that is not a good thing to do: @@ -379,11 +390,16 @@ %endif %prep %setup -q -n %{_name}-%{version} +cp -a %{S:2} . %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 %build +bash ./util-linux-login_defs-check.sh %if %build_util_linux # #BEGIN SYSTEMD SAFETY CHECK @@ -719,12 +735,6 @@ %if %build_util_linux %pre %service_add_pre raw.service -# Check whether we are upgrading from < Leap 15 or SLE 15 -# Check for /sbin/su and not /usr/sbin/su, as it exists in all old versions. -# (bsc#353876#c7) -if test -e /bin/su && ! ( LANG=C su --help 2>/dev/null) | grep -q -- --pty ; then - touch %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT 2>/dev/null || : -fi %post %service_add_post raw.service @@ -748,19 +758,19 @@ fi done # %{_sysconfdir}/default/su is tagged as noreplace. -# But we want to upgrade to a more secure default on upgrade. -# Perform one-time change of ALWAYS_SET_ROOT. (bsc#353876#c7) -if test -f %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT -a -f %{_sysconfdir}/default/su && - grep -q ^ALWAYS_SET_PATH=no %{_sysconfdir}/default/su ; then +# But we want to migrate variables to /etc/login.defs (bsc#1121197). +# Perform one-time config replace. +if ! grep -q "^# /etc/default/su is an override" %{_sysconfdir}/default/su ; then + if test -f %{_sysconfdir}/default/su.rpmnew ; then if ! test -f %{_sysconfdir}/default/su.rpmorig ; then cp -a %{_sysconfdir}/default/su %{_sysconfdir}/default/su.rpmorig fi - sed -i s/^ALWAYS_SET_PATH=no/ALWAYS_SET_PATH=yes/ %{_sysconfdir}/default/su - echo "One time change of %{_sysconfdir}/default/su was performed." >&2 - echo "ALWAYS_SET_PATH was set to more secure value \"yes\"." >&2 - echo "If it is not intended, you can safely change it back. It will not be changed again." >&2 + mv %{_sysconfdir}/default/su.rpmnew %{_sysconfdir}/default/su + echo "One time clean-up of %{_sysconfdir}/default/su was performed." >&2 + echo "Original contents was saved to %{_sysconfdir}/default/su.rpmorig." >&2 + echo "Please edit %{_sysconfdir}/login.defs or %{_sysconfdir}/default/su to restore your customization." >&2 + fi fi -rm -f %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT %preun %service_del_preun raw.service ++++++ su.default ++++++ --- /var/tmp/diff_new_pack.Rmm2EA/_old 2019-05-21 10:19:22.079636404 +0200 +++ /var/tmp/diff_new_pack.Rmm2EA/_new 2019-05-21 10:19:22.079636404 +0200 @@ -1,14 +1,8 @@ -# Per default, only "su -" will set a new PATH. -# If this variable is set to "yes" (default is "no"), -# every su call will overwrite the PATH variable. +# /etc/default/su is an override for /etc/login.defs for su and runuser +# (It is also read as a fallback for login.) +# +# See /etc/login.defs, su(1) or runuser(1) for more. +# +# List of su/runuser variables: +# ALWAYS_SET_PATH, ENV_PATH, ENV_ROOTPATH, ENV_SUPATH, FAIL_DELAY # -# The recommended default is "yes". The default "no" behavior could have -# a security implication in applications that use commands without path. -ALWAYS_SET_PATH=yes - -# Default path. -PATH=/usr/local/bin:/bin:/usr/bin - -# Default path for a user invoking su to root. -SUPATH=/usr/sbin:/bin:/usr/bin:/sbin - ++++++ util-linux-2.33.1.tar.xz -> util-linux-2.33.2.tar.xz ++++++ ++++ 73312 lines of diff (skipped) ++++++ util-linux-login_defs-SYS_UID.patch ++++++ >From 0d37969cbe2cb85d9c01f78071528a8a7c789f96 Mon Sep 17 00:00:00 2001 From: Stanislav Brabec <[email protected]> Date: Wed, 24 Apr 2019 11:16:53 +0200 Subject: [PATCH] lslogins: Fix discrepancies of SYS_UID_MIN util-linux does not contain useradd. Its most popular implementation comes from shadow. SYS_UID_MIN is one of common parameters. Its hardcoded fallback value is equal to 101 in shadow useradd (see shadow-4.6/libmisc/find_new_uid.c: get_ranges()), but 201 in login-utils/lslogins.c. Let lslogins use the same fallback as useradd from shadow. Hopefully most distros define its custom value of SYS_UID_MIN in /etc/login.defs, so this problem is not visible. login-utils/lslogins.1 does not mention its default at all. Add a reference and improve text of lslogins(1) to prevent off-by-one interpretation. Signed-off-by: Stanislav Brabec <[email protected]> Signed-off-by: Karel Zak <[email protected]> --- login-utils/lslogins.1 | 6 +++--- login-utils/lslogins.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/login-utils/lslogins.1 b/login-utils/lslogins.1 index 5aa14c706..f003ef264 100644 --- a/login-utils/lslogins.1 +++ b/login-utils/lslogins.1 @@ -92,9 +92,9 @@ Display information related to login by password (see also \fB\-afL). Raw output (no columnation). .TP \fB\-s\fR, \fB\-\-system\-accs\fR -Show system accounts. These are by default all accounts with a UID below 1000 -(non-inclusive), with the exception of either nobody or nfsnobody (UID 65534). -This hardcoded default maybe overwritten by parameters SYS_UID_MIN and SYS_UID_MAX in +Show system accounts. These are by default all accounts with a UID between 101 and 999 +(inclusive), with the exception of either nobody or nfsnobody (UID 65534). +This hardcoded default may be overwritten by parameters SYS_UID_MIN and SYS_UID_MAX in the file /etc/login.defs. .TP \fB\-\-time\-format\fR \fItype\fP diff --git a/login-utils/lslogins.c b/login-utils/lslogins.c index efb20a4f7..3d9c9b97a 100644 --- a/login-utils/lslogins.c +++ b/login-utils/lslogins.c @@ -74,7 +74,7 @@ static int lslogins_flag; #define UL_UID_MIN 1000 #define UL_UID_MAX 60000 -#define UL_SYS_UID_MIN 201 +#define UL_SYS_UID_MIN 101 #define UL_SYS_UID_MAX 999 /* we use the value of outmode to determine -- 2.21.0 ++++++ util-linux-login_defs-check.sh ++++++ #!/bin/bash # Extract list of variables supported by su/runuser. # # If you edit this file, you will probably need to edit # shadow-login_defs-check.sh from shadow sources in a similar way. set -o errexit echo -n "Checking login.defs variables in util-linux... " >&2 ( grep -rh getlogindefs . | sed -n 's/^.*getlogindefs[a-z_]*("\([A-Z0-9_]*\)".*$/\1/p' grep -rh logindefs_setenv . | sed -n 's/^.*logindefs_setenv*("[A-Z0-9_]*", "\([A-Z0-9_]*\)".*$/\1/p' ) | LC_ALL=C sort -u >util-linux-login_defs-vars.lst if test $(sha1sum util-linux-login_defs-vars.lst | sed 's/ .*$//') != a9c56a10a4b5a0afb63c9208b8ca0cb1b46a8429 ; then echo "does not match!" >&2 echo "Checksum is: $(sha1sum util-linux-login_defs-vars.lst | sed 's/ .*$//')" >&2 cat >&2 <<EOF You have to perform following steps: Check whether the error is false positive (script failed to extract variables) or true positive (variable list changed). If it is false positive: - Fix this script. - The same fix is needed in shadow package in shadow-login_defs-check.sh. If it is true positive: - Check-out shadow package and call shadow-login_defs-check.sh. - Compare its output shadow-login_defs-check-util-linux.lst with util-linux-login_defs-vars.lst in the util-linux build directory. - Update shadow shadow-login_defs-util-linux.patch, if needed. - If shadow-login_defs-util-linux.patch was updated, update login_defs-support-for-util-linux symbol version in both shadow and util-linux spec files accordingly. - Update checksum in this script. - Possibly update su.default with these new list of su/runuser specific variables: EOF echo -n " " >&2 ( grep -rh getlogindefs login-utils/su-common.c | sed -n 's/^.*getlogindefs[a-z_]*("\([A-Z0-9_]*\)".*$/\1/p' grep -rh logindefs_setenv login-utils/su-common.c | sed -n 's/^.*logindefs_setenv*("[A-Z0-9_]*", "\([A-Z0-9_]*\)".*$/\1/p' ) | LC_ALL=C sort -u | tr '\n' ' ' | sed 's/ /, /g;s/, $//' >&2 echo -e '\n' >&2 exit 1 else echo "OK" >&2 fi ++++++ util-linux-login_defs-priority1.patch ++++++ >From 15a191f6d30dfe202a080a3d90968b63d695a29f Mon Sep 17 00:00:00 2001 From: Stanislav Brabec <[email protected]> Date: Thu, 10 Jan 2019 01:28:53 +0100 Subject: [PATCH 1/2] su-common.c: prefer /etc/default/su over login.defs su(1) documentation says: /etc/default/su command specific logindef config file /etc/login.defs global logindef config file It indirectly indicates that /etc/default/su should take precedence over /etc/login.defs. But the reverse is true. It is not possible to define ENV_PATH in /etc/login.defs and then make su specific customization in /etc/default/su. We need to change read order to match the documented behavior. Signed-off-by: Stanislav Brabec <[email protected]> --- login-utils/su-common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login-utils/su-common.c b/login-utils/su-common.c index e0604e246..19074247c 100644 --- a/login-utils/su-common.c +++ b/login-utils/su-common.c @@ -1229,8 +1229,8 @@ static void load_config(void *data) struct su_context *su = (struct su_context *) data; DBG(MISC, ul_debug("loading logindefs")); - logindefs_load_file(su->runuser ? _PATH_LOGINDEFS_RUNUSER : _PATH_LOGINDEFS_SU); logindefs_load_file(_PATH_LOGINDEFS); + logindefs_load_file(su->runuser ? _PATH_LOGINDEFS_RUNUSER : _PATH_LOGINDEFS_SU); } /* -- 2.20.1 ++++++ util-linux-login_defs-priority2.patch ++++++ >From 86f42e5a2a9d8a483ad0ca85fdf090172fb4d385 Mon Sep 17 00:00:00 2001 From: Stanislav Brabec <[email protected]> Date: Thu, 10 Jan 2019 01:28:54 +0100 Subject: [PATCH 2/2] su-common.c: prefer ENV_SUPATH over ENV_ROOTPATH ENV_SUPATH and ENV_ROOTPATH are equivalent and ENV_ROOTPATH takes precedence in both login and su. It makes no sense. More logical would be precedence of ENV_SUPATH in su and ENV_ROOTPATH in login. Signed-off-by: Stanislav Brabec <[email protected]> --- login-utils/login.1 | 2 +- login-utils/runuser.1 | 2 +- login-utils/su-common.c | 4 ++-- login-utils/su.1 | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/login-utils/login.1 b/login-utils/login.1 index cb8addec3..b73eae147 100644 --- a/login-utils/login.1 +++ b/login-utils/login.1 @@ -282,7 +282,7 @@ a regular user logs in. The default value is (string) .RS 4 If set, it will be used to define the PATH environment variable when -the superuser logs in. The default value is +the superuser logs in. ENV_ROOTPATH takes precedence. The default value is .I /usr\:/local\:/sbin:\:/usr\:/local\:/bin:\:/sbin:\:/bin:\:/usr\:/sbin:\:/usr\:/bin .RE .SH FILES diff --git a/login-utils/runuser.1 b/login-utils/runuser.1 index bf0d02471..221672200 100644 --- a/login-utils/runuser.1 +++ b/login-utils/runuser.1 @@ -183,7 +183,7 @@ default value is .B ENV_SUPATH (string) .RS 4 -Defines the PATH environment variable for root. The default value is +Defines the PATH environment variable for root. ENV_SUPATH takes precedence. The default value is .IR /usr/local/sbin:\:/usr/local/bin:\:/sbin:\:/bin:\:/usr/sbin:\:/usr/bin . .RE .PP diff --git a/login-utils/su-common.c b/login-utils/su-common.c index 19074247c..0e44eb87c 100644 --- a/login-utils/su-common.c +++ b/login-utils/su-common.c @@ -989,8 +989,8 @@ static void setenv_path(const struct passwd *pw) if (pw->pw_uid) rc = logindefs_setenv("PATH", "ENV_PATH", _PATH_DEFPATH); - else if ((rc = logindefs_setenv("PATH", "ENV_ROOTPATH", NULL)) != 0) - rc = logindefs_setenv("PATH", "ENV_SUPATH", _PATH_DEFPATH_ROOT); + else if ((rc = logindefs_setenv("PATH", "ENV_SUPATH", NULL)) != 0) + rc = logindefs_setenv("PATH", "ENV_ROOTPATH", _PATH_DEFPATH_ROOT); if (rc) err(EXIT_FAILURE, _("failed to set the PATH environment variable")); diff --git a/login-utils/su.1 b/login-utils/su.1 index d6a064fd2..5ae6d6b2d 100644 --- a/login-utils/su.1 +++ b/login-utils/su.1 @@ -209,7 +209,7 @@ default value is .B ENV_SUPATH (string) .RS 4 -Defines the PATH environment variable for root. The default value is +Defines the PATH environment variable for root. ENV_SUPATH takes precedence. The default value is .IR /usr/local/sbin:\:/usr/local/bin:\:/sbin:\:/bin:\:/usr/sbin:\:/usr/bin . .RE .PP -- 2.20.1
