← Back to team overview

dx-packages team mailing list archive

[Bug 1722151] Re: Incorrect syntax when writing to ~/.pam_environment

 

When adding the "debug" parameter to the invokation of pam_env in
/etc/pam.d/gdm-password, I'm seeing the following in journalctl:

oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("PATH=/usr/local/sbin:/usr/local/bin:/usr/
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LANG=en_US.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LC_NUMERIC=es_ES.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LC_TIME=es_ES.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LC_MONETARY=es_ES.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LC_PAPER=es_ES.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LC_NAME=es_ES.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LC_ADDRESS=es_ES.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LC_TELEPHONE=es_ES.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LC_MEASUREMENT=es_ES.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LC_IDENTIFICATION=es_ES.UTF-8")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): pam_putenv("LANGUAGE=en_US")
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LANGUAGE=fr_FR:en_GB:en"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LANG=fr_FR.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LC_NUMERIC=es_ES.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LC_TIME=es_ES.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LC_MONETARY=es_ES.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LC_PAPER=es_ES.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LC_NAME=es_ES.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LC_ADDRESS=es_ES.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LC_TELEPHONE=es_ES.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LC_MEASUREMENT=es_ES.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "LC_IDENTIFICATION=es_ES.UTF-8"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_env(gdm-password:session): remove variable "PAPERSIZE=a4"
oct 09 09:52:59 artfulvm gdm-password][1072]: pam_unix(gdm-password:session): session opened for user ubuntu by (uid=0)

The code for the _undefine_var() function in pam-env.c (https://github.com/linux-pam/linux-pam/blob/master/modules/pam_env/pam_env.c#L738) calls pam_putenv(pamh, var->name), and this happens to work because var->name == "NAME=value", which is the first token on the line.
This is working, but really by accident, and if in the future pam's parser for conf files becomes stricter, this will cease to work. I think we should consider complying better with the documented way of setting variable values (and we should update the documentation, too).

-- 
You received this bug notification because you are a member of DX
Packages, which is subscribed to accountsservice in Ubuntu.
Matching subscriptions: dx-packages
https://bugs.launchpad.net/bugs/1722151

Title:
  Incorrect syntax when writing to ~/.pam_environment

Status in accountsservice package in Ubuntu:
  Confirmed

Bug description:
  While investigating bug #1662031, I found out that /usr/share
  /language-tools/save-to-pam-env writes to ~/.pam_environment using an
  incorrect syntax: "VARIABLE=value" on each line. The expected syntax
  is "VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]]" (man pam_env.conf).

  ProblemType: Bug
  DistroRelease: Ubuntu 17.10
  Package: accountsservice 0.6.42-0ubuntu2
  ProcVersionSignature: Ubuntu 4.13.0-12.13-generic 4.13.3
  Uname: Linux 4.13.0-12-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl zcommon znvpair
  ApportVersion: 2.20.7-0ubuntu2
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Mon Oct  9 06:57:17 2017
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2016-07-02 (463 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
  SourcePackage: accountsservice
  UpgradeStatus: Upgraded to artful on 2017-06-04 (126 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1722151/+subscriptions


References