Web lists-archives.com

Re: Ideal place to set environment variables




On Fri, 30 Mar 2018, Greg Wooledge wrote:
> On Fri, Mar 30, 2018 at 12:11:18PM -0700, Don Armstrong wrote:
> > That's why you need @{HOME}, not ${HOME}.
> 
> Same result.
> 
> $ tail -2 /etc/security/pam_env.conf
> FOO		DEFAULT=@{HOME}/bar
> LANG		DEFAULT=en_US.UTF-8	OVERRIDE=${LANG}
> 
> $ LANG=lolcat ssh localhost
> [...]
> $ env | grep -E '(FOO|LANG)='
> LANG=en_US.UTF-8
> FOO=/bar

Hrm; this feature was added around 1.2.1, and we're still using 1.1.8.[1]


> there is apparently no realistic way (short of source-diving) to
> figure out what each PAM module actually DOES to the environment.

In pam_env, there's a debug option.

> WTF is a "PAM_ITEM"? pam_env.conf(5) refers to pam.d(5) and pam(7),

See https://github.com/linux-pam/linux-pam/blob/master/modules/pam_env/pam_env.c#L668

1: https://bugs.debian.org/821408
-- 
Don Armstrong                      https://www.donarmstrong.com

"She decided what she wished to happen and then assumed that reality
would bend to her wishes." [...] "Reality doesn't indulge wishes."
 -- Terry Goodkind _Phantom_ p133