Summary: | su from `shadow' package lacks `preserve environment' and `login shell' features | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Leonid Kabanov <leonid.kabanov> |
Component: | [OLD] Core system | Assignee: | Gentoo's Team for Core System packages <base-system> |
Status: | RESOLVED UPSTREAM | ||
Severity: | minor | CC: | abusch, gentoo |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
patch for coreutils patchset
coreutils ebuild patch coreutils ebuild patch pam file for su pam file for su (openpam) shadow-4.0.11.1-GNU-su.tar.bz2 |
Description
Leonid Kabanov
2005-05-17 19:34:17 UTC
Created attachment 64035 [details]
patch for coreutils patchset
This patch enables `su' in coreutils package.
Created attachment 64036 [details, diff]
coreutils ebuild patch
Patch for `coreutils-5.2.1-r6.ebuild' for enabling `pam' support in `su'
I test this patches with and whitout `acl' use flags. Works fine for me. Patches for shadow package not ready yet. I think I'll make them next week. Created attachment 64038 [details, diff]
coreutils ebuild patch
More pam staff from shadow ebuild
Created attachment 64039 [details]
pam file for su
pam file for su
Created attachment 64040 [details]
pam file for su (openpam)
pam file for su
How about adding those options to shadow's su rather? su from coreutils have really unmainted pam support, and as such I'd rather not us it. As I know debian has patches for shadow's `su' but I busy for now and cannot check this. I reply with more details when I have more free time to investigate. yeah, like az said, we're not interested in using `su` from coreutils ... debian uses `su` from shadow so if their su supports these options its prob because they patched them in ... Debian's `shadow' source package is heavily patched - patch is about 6 MB. This patch is for 4.0.3 version only for now and I cannot port it to 4.0.7 :( I can post patch for `su.c' and manpages here if you want to try. Using `su' from `coreutils' is much more easy - pam support mantained by all major distros and available for recent version of coreutils. `su' from shadow maintained by debian/ubuntu only as I know. IMHO: su's (-s /bin/sh -c "...") syntax is needed for almost any commercial software installer running on Linux. Therefore it would be preferable to have at least a dummy syntax supporting "-s /bin/sh". As long as "gentoo's su" lacks this support it'll be hard for gentoo to become a supported distribution by commercial software companies. upstream is already looking into adding the GNU su features into shadow Created attachment 66724 [details]
shadow-4.0.11.1-GNU-su.tar.bz2
Well, I did port the patches, and did some formatting/bug addition patches. I
also did send this upstream, but unlike usual, they have not come back. I will
do like to note that its still very rough, and that I did try to do it to show
what the Debian patches did. I however add this for now in case.
upstream shadow has been adding more and more of these features with each release 4.0.14 for example has both "--preserve-environment" and "--login" |