[Touch-packages] [Bug 1599069] [NEW] [pam] Module pam_env does not unset environment variables

2016-07-05 Thread Cade Forester 
Public bug reported:

Architecture: amd64
Date: 2016-07-05T07:10:34,326215642+ (printed by command "date --utc 
--iso-8601=ns")
DistroRelease: Ubuntu 14.04
Package: libpam-modules 1.1.8-1ubuntu2.2
PackageArchitecture: amd64
SourcePackage: pam
Uname: Linux 3.16.0-53-generic x86_64

Steps to reproduce.

1. Edit some files.

   Shell command:
  cat /etc/security/pam_env.conf

   Output of last shell command:
  TEST__SET_ME DEFAULT="value set successfully"
  TEST__CLEAR_ME DEFAULT="" OVERRIDE=""
  TEST__UNSET_ME DEFAULT=   OVERRIDE=

   Shell command:
  cat /etc/pam.d/su

   Output of last shell command:
  auth sufficient pam_rootok.so
  session required pam_env.so readenv=1 debug
  # /etc/pam.d/common-auth
  auth [success=1 default=ignore] pam_unix.so nullok_secure
  auth requisite pam_deny.so
  auth required pam_permit.so
  auth optional pam_ecryptfs.so unwrap
  auth optional pam_cap.so
  # /etc/pam.d/common-account
  account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
  account requisite pam_deny.so
  account required pam_permit.so
  # /etc/pam.d/common-session
  session [default=1] pam_permit.so
  session requisite pam_deny.so
  session required pam_permit.so
  session optional pam_umask.so
  session required pam_unix.so
  session optional pam_ecryptfs.so unwrap
  session optional pam_ck_connector.so nox11

2. Run shell commands:
  env --ignore-environment sh
  export TEST__CLEAR_ME="variable not cleared"
  export TEST__UNSET_ME="variable still set"
  su --command env | grep TEST__

   Type root password.

   Output of last shell command:
  TEST__UNSET_ME=variable still set
  TEST__SET_ME=value set successfully
  TEST__CLEAR_ME=

   Related syslog output:
  su[11338] Successful su for root by local_user
  su[11338] + /dev/pts/0 local_user:root
  su[11338] pam_env(su:session): pam_putenv("TEST__ SET_ME=value set 
successfully")
  su[11338] pam_env(su:session): pam_putenv("TEST__ CLEAR_ME=")
  su[11338] pam_env(su:session): remove variable "TEST__UNSET_ME"
  su[11338] pam_env(su:session): pam_putenv: delete non-existent entry; 
TEST__UNSET_ME
  su[11338] pam_env(su:session): 
pam_putenv("PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin")
  su[11338] pam_unix(su:session): session opened for user root by 
local_user(uid=1000)
  su[11338] pam_unix(su:session): session closed for user root

Actual result:
environment variable
TEST__UNSET_ME
not unset.

Expected result:
unset environment variable
TEST__UNSET_ME.

Bugs:
- pam module "pam_env.so"
  does not unset environment variables;
- man page pam_env(8) describe,
  what module can
  unset environment variables,
  but does not describe,
  how to do that
  (answer found in
  "pam-1.1.8/modules/pam_env/pam_env.c",
  line 472).

** Affects: pam (Ubuntu)
 Importance: Undecided
 Status: New

** Package changed: ubuntu => pam (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1599069

Title:
  [pam] Module pam_env does not unset environment variables

Status in pam package in Ubuntu:
  New

Bug description:
  Architecture: amd64
  Date: 2016-07-05T07:10:34,326215642+ (printed by command "date --utc 
--iso-8601=ns")
  DistroRelease: Ubuntu 14.04
  Package: libpam-modules 1.1.8-1ubuntu2.2
  PackageArchitecture: amd64
  SourcePackage: pam
  Uname: Linux 3.16.0-53-generic x86_64

  Steps to reproduce.

  1. Edit some files.

 Shell command:
cat /etc/security/pam_env.conf

 Output of last shell command:
TEST__SET_ME DEFAULT="value set successfully"
TEST__CLEAR_ME DEFAULT="" OVERRIDE=""
TEST__UNSET_ME DEFAULT=   OVERRIDE=

 Shell command:
cat /etc/pam.d/su

 Output of last shell command:
auth sufficient pam_rootok.so
session required pam_env.so readenv=1 debug
# /etc/pam.d/common-auth
auth [success=1 default=ignore] pam_unix.so nullok_secure
auth requisite pam_deny.so
auth required pam_permit.so
auth optional pam_ecryptfs.so unwrap
auth optional pam_cap.so
# /etc/pam.d/common-account
account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
account requisite pam_deny.so
account required pam_permit.so
# /etc/pam.d/common-session
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_umask.so
session required pam_unix.so
session optional pam_ecryptfs.so unwrap
session optional pam_ck_connector.so nox11

  2. Run shell commands:
env --ignore-environment sh
export TEST__CLEAR_ME="variable not cleared"
export TEST__UNSET_ME="variable

[Touch-packages] [Bug 1599069] [NEW] [pam] Module pam_env does not unset environment variables

2016-07-05 Thread Launchpad Bug Tracker 
You have been subscribed to a public bug:

Architecture: amd64
Date: 2016-07-05T07:10:34,326215642+ (printed by command "date --utc 
--iso-8601=ns")
DistroRelease: Ubuntu 14.04
Package: libpam-modules 1.1.8-1ubuntu2.2
PackageArchitecture: amd64
SourcePackage: pam
Uname: Linux 3.16.0-53-generic x86_64

Steps to reproduce.

1. Edit some files.

   Shell command:
  cat /etc/security/pam_env.conf

   Output of last shell command:
  TEST__SET_ME DEFAULT="value set successfully"
  TEST__CLEAR_ME DEFAULT="" OVERRIDE=""
  TEST__UNSET_ME DEFAULT=   OVERRIDE=

   Shell command:
  cat /etc/pam.d/su

   Output of last shell command:
  auth sufficient pam_rootok.so
  session required pam_env.so readenv=1 debug
  # /etc/pam.d/common-auth
  auth [success=1 default=ignore] pam_unix.so nullok_secure
  auth requisite pam_deny.so
  auth required pam_permit.so
  auth optional pam_ecryptfs.so unwrap
  auth optional pam_cap.so
  # /etc/pam.d/common-account
  account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
  account requisite pam_deny.so
  account required pam_permit.so
  # /etc/pam.d/common-session
  session [default=1] pam_permit.so
  session requisite pam_deny.so
  session required pam_permit.so
  session optional pam_umask.so
  session required pam_unix.so
  session optional pam_ecryptfs.so unwrap
  session optional pam_ck_connector.so nox11

2. Run shell commands:
  env --ignore-environment sh
  export TEST__CLEAR_ME="variable not cleared"
  export TEST__UNSET_ME="variable still set"
  su --command env | grep TEST__

   Type root password.

   Output of last shell command:
  TEST__UNSET_ME=variable still set
  TEST__SET_ME=value set successfully
  TEST__CLEAR_ME=

   Related syslog output:
  su[11338] Successful su for root by local_user
  su[11338] + /dev/pts/0 local_user:root
  su[11338] pam_env(su:session): pam_putenv("TEST__ SET_ME=value set 
successfully")
  su[11338] pam_env(su:session): pam_putenv("TEST__ CLEAR_ME=")
  su[11338] pam_env(su:session): remove variable "TEST__UNSET_ME"
  su[11338] pam_env(su:session): pam_putenv: delete non-existent entry; 
TEST__UNSET_ME
  su[11338] pam_env(su:session): 
pam_putenv("PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin")
  su[11338] pam_unix(su:session): session opened for user root by 
local_user(uid=1000)
  su[11338] pam_unix(su:session): session closed for user root

Actual result:
environment variable
TEST__UNSET_ME
not unset.

Expected result:
unset environment variable
TEST__UNSET_ME.

Bugs:
- pam module "pam_env.so"
  does not unset environment variables;
- man page pam_env(8) describe,
  what module can
  unset environment variables,
  but does not describe,
  how to do that
  (answer found in
  "pam-1.1.8/modules/pam_env/pam_env.c",
  line 472).

** Affects: pam (Ubuntu)
 Importance: Undecided
 Status: New

-- 
[pam] Module pam_env does not unset environment variables
https://bugs.launchpad.net/bugs/1599069
You received this bug notification because you are a member of Ubuntu Touch 
seeded packages, which is subscribed to pam in Ubuntu.

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp