Marc Haber pushed to branch master at Debian / adduser
Commits:
c6e23b61 by Marc Haber at 2025-08-14T18:59:36+02:00
move PATH initialization very early in program
This allows early actions like reading the config file to
produce logging without causing taint errors. This solves the issue
reported in MR 106, but in a different way.
Thanks: Luca Boccassi
- - - - -
2 changed files:
- adduser
- deluser
Changes:
=====================================
adduser
=====================================
@@ -46,6 +46,14 @@ my $version = "DVERSION";
my $encode_loaded;
my $codeset;
+# explicitly set PATH, because super (1) cleans up the path and makes adduser
unusable;
+# this is also a good idea for sudo (which doesn't clean up)
+$ENV{"PATH"}="/bin:/usr/bin:/sbin:/usr/sbin";
+$ENV{"IFS"}=" \t\n";
+$ENV{"ENV"}=undef;
+$ENV{"BASH_ENV"}=undef;
+$ENV{"CDPATH"}=undef;
+
BEGIN {
local $ENV{PERL_DL_NONLAZY}=1;
eval {
@@ -216,14 +224,6 @@ log_trace("special_home %s", decode($charset,
$special_home));
preseed_config(\@defaults,\%config);
-# explicitly set PATH, because super (1) cleans up the path and makes adduser
unusable;
-# this is also a good idea for sudo (which doesn't clean up)
-$ENV{"PATH"}="/bin:/usr/bin:/sbin:/usr/sbin";
-$ENV{"IFS"}=" \t\n";
-$ENV{"ENV"}=undef;
-$ENV{"BASH_ENV"}=undef;
-$ENV{"CDPATH"}=undef;
-
# everyone can issue "--help" and "--version", but only root can go on
if( $> != 0) {
log_fatal( mtx("Only root may add a user or group to the system.") );
=====================================
deluser
=====================================
@@ -42,6 +42,14 @@ my $codeset;
my $install_more_packages;
+# explicitly set PATH, because super (1) cleans up the path and makes deluser
unusable;
+# this is also a good idea for sudo (which doesn't clean up)
+$ENV{"PATH"}="/bin:/usr/bin:/sbin:/usr/sbin";
+$ENV{"IFS"}=" \t\n";
+$ENV{"ENV"}=undef;
+$ENV{"BASH_ENV"}=undef;
+$ENV{"CDPATH"}=undef;
+
BEGIN {
local $ENV{PERL_DL_NONLAZY}=1;
eval {
@@ -157,14 +165,6 @@ set_msglevel( $stderrmsglevel, $stdoutmsglevel,
$logmsglevel );
preseed_config (\@defaults,\%config);
-# explicitly set PATH, because super (1) cleans up the path and makes deluser
unusable;
-# this is also a good idea for sudo (which doesn't clean up)
-$ENV{"PATH"}="/bin:/usr/bin:/sbin:/usr/sbin";
-$ENV{"IFS"}=" \t\n";
-$ENV{"ENV"}=undef;
-$ENV{"BASH_ENV"}=undef;
-$ENV{"CDPATH"}=undef;
-
# everyone can issue "--help" and "--version", but only root can go on
if( $> != 0) {
log_fatal( mtx("Only root may remove a user or group from the system.") );
View it on GitLab:
https://salsa.debian.org/debian/adduser/-/commit/c6e23b61befe5200ef5becaba9383be437b6828a
--
View it on GitLab:
https://salsa.debian.org/debian/adduser/-/commit/c6e23b61befe5200ef5becaba9383be437b6828a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Pkg-shadow-devel mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
