We recently switched to OpenSSH from ssh 1.2.x and
I quickly noticed that /etc/environment processing has gone AWOL.
This patch adds a new sshd_config variable:
SysEnvFile
Specifies a file containing the system-wide default environment
in ``VARNAME=value'' format (default is none.) The
contents of a
user's $HOME/.ssh/environment file, if found, will override
vari-
ables set within the SysEnvFile.
There is already some AIX-specific code which reads in /etc/environment.
I left that code alone for now, but it could probably be removed if this
more general patch is accepted.
Thanks,
Adam Tilghman, UC San Diego
--
Adam Tilghman | Systems Support / Academic Computing | +1 858 822 0711
agt at ucsd.edu | University of California, San Diego | fax +1 858 534 7018
--- cut here ---
diff -r -c openssh-2.5.1p1/servconf.c openssh-2.5.1p1-1/servconf.c
*** openssh-2.5.1p1/servconf.c Wed Feb 14 19:08:27 2001
--- openssh-2.5.1p1-1/servconf.c Thu Mar 1 15:45:03 2001
***************
*** 81,86 ****
--- 81,87 ----
options->challenge_reponse_authentication = -1;
options->permit_empty_passwd = -1;
options->use_login = -1;
+ options->sys_environment_file = NULL;
options->allow_tcp_forwarding = -1;
options->num_allow_users = 0;
options->num_deny_users = 0;
***************
*** 210,216 ****
sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
! sUseLogin, sAllowTcpForwarding,
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
sMaxStartups,
--- 211,217 ----
sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
! sUseLogin, sSysEnvFile, sAllowTcpForwarding,
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
sMaxStartups,
***************
*** 261,266 ****
--- 262,268 ----
{ "strictmodes", sStrictModes },
{ "permitemptypasswords", sEmptyPasswd },
{ "uselogin", sUseLogin },
+ { "sysenvfile", sSysEnvFile },
{ "randomseed", sRandomSeedFile },
{ "keepalive", sKeepAlives },
{ "allowtcpforwarding", sAllowTcpForwarding },
***************
*** 583,588 ****
--- 585,594 ----
case sUseLogin:
intptr = &options->use_login;
goto parse_flag;
+
+ case sSysEnvFile:
+ charptr = &options->sys_environment_file;
+ goto parse_filename;
case sGatewayPorts:
intptr = &options->gateway_ports;
diff -r -c openssh-2.5.1p1/servconf.h openssh-2.5.1p1-1/servconf.h
*** openssh-2.5.1p1/servconf.h Wed Feb 14 19:08:27 2001
--- openssh-2.5.1p1-1/servconf.h Thu Mar 1 15:46:40 2001
***************
*** 93,98 ****
--- 93,99 ----
int permit_empty_passwd; /* If false, do not permit empty
* passwords. */
int use_login; /* If true, login(1) is used */
+ char *sys_environment_file;
int allow_tcp_forwarding;
u_int num_allow_users;
char *allow_users[MAX_ALLOW_USERS];
diff -r -c openssh-2.5.1p1/session.c openssh-2.5.1p1-1/session.c
*** openssh-2.5.1p1/session.c Sun Feb 18 11:13:34 2001
--- openssh-2.5.1p1-1/session.c Thu Mar 1 15:46:11 2001
***************
*** 1261,1266 ****
--- 1261,1269 ----
/* read $HOME/.ssh/environment. */
if (!options.use_login) {
+ if (options.sys_environment_file != NULL) {
+ read_environment_file(&env, &envsize,
options.sys_environment_file);
+ }
snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
pw->pw_dir);
read_environment_file(&env, &envsize, buf);
diff -r -c openssh-2.5.1p1/sshd.8 openssh-2.5.1p1-1/sshd.8
*** openssh-2.5.1p1/sshd.8 Wed Feb 14 19:08:28 2001
--- openssh-2.5.1p1-1/sshd.8 Thu Mar 1 16:03:04 2001
***************
*** 669,674 ****
--- 669,681 ----
file transfer subsystem.
By default no subsystems are defined.
Note that this option applies to protocol version 2 only.
+ .It Cm SysEnvFile
+ Specifies a file containing the system-wide default environment in
+ .Dq VARNAME=value
+ format (default is none.) The contents of a user's
+ .Pa $HOME/.ssh/environment
+ file, if found, will override variables set within the
+ .Cm SysEnvFile .
.It Cm SyslogFacility
Gives the facility code that is used when logging messages from
.Nm sshd .
