[pam] Module pam_env does not unset environment variables
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pam (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Architecture: amd64
Date: 2016-07-
DistroRelease: Ubuntu 14.04
Package: libpam-modules 1.1.8-1ubuntu2.2
PackageArchitec
SourcePackage: pam
Uname: Linux 3.16.0-53-generic x86_64
Steps to reproduce.
1. Edit some files.
Shell command:
cat /etc/security/
Output of last shell command:
TEST__SET_ME DEFAULT="value set successfully"
TEST_
TEST_
Shell command:
cat /etc/pam.d/su
Output of last shell command:
auth sufficient pam_rootok.so
session required pam_env.so readenv=1 debug
# /etc/pam.
auth [success=1 default=ignore] pam_unix.so nullok_secure
auth requisite pam_deny.so
auth required pam_permit.so
auth optional pam_ecryptfs.so unwrap
auth optional pam_cap.so
# /etc/pam.
account [success=1 new_authtok_
account requisite pam_deny.so
account required pam_permit.so
# /etc/pam.
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_umask.so
session required pam_unix.so
session optional pam_ecryptfs.so unwrap
session optional pam_ck_connector.so nox11
2. Run shell commands:
env --ignore-
export TEST__CLEAR_
export TEST__UNSET_
su --command env | grep TEST__
Type root password.
Output of last shell command:
TEST_
TEST_
TEST_
Related syslog output:
su[11338] Successful su for root by local_user
su[11338] + /dev/pts/0 local_user:root
su[11338] pam_env(
su[11338] pam_env(
su[11338] pam_env(
su[11338] pam_env(
su[11338] pam_env(
su[11338] pam_unix(
su[11338] pam_unix(
Actual result:
environment variable
TEST__UNSET_ME
not unset.
Expected result:
unset environment variable
TEST__UNSET_ME.
Bugs:
- pam module "pam_env.so"
does not unset environment variables;
- man page pam_env(8) describe,
what module can
unset environment variables,
but does not describe,
how to do that
(answer found in
"pam-
line 472).
affects: | ubuntu → pam (Ubuntu) |