diff options
-rw-r--r-- | src/exec.c | 14 | ||||
-rw-r--r-- | src/sudo.c | 3 | ||||
-rw-r--r-- | src/sudo.h | 3 |
3 files changed, 11 insertions, 9 deletions
diff --git a/src/exec.c b/src/exec.c index 844391b91..2af81c880 100644 --- a/src/exec.c +++ b/src/exec.c @@ -226,17 +226,17 @@ exec_setup(struct command_details *details, int intercept_fd, int errfd) * Only change cwd if we have chroot()ed or the policy modules * specifies a different cwd. Must be done after uid change. */ - if (details->cwd != NULL) { - if (details->chroot != NULL || user_details.cwd == NULL || - strcmp(details->cwd, user_details.cwd) != 0) { + if (details->runcwd != NULL) { + if (details->chroot != NULL || details->submitcwd == NULL || + strcmp(details->runcwd, details->submitcwd) != 0) { if (ISSET(details->flags, CD_RBAC_ENABLED)) { /* For SELinux, chdir(2) in sesh after the context change. */ SET(details->flags, CD_RBAC_SET_CWD); } else { - /* Note: cwd is relative to the new root, if any. */ - if (chdir(details->cwd) == -1) { + /* Note: runcwd is relative to the new root, if any. */ + if (chdir(details->runcwd) == -1) { sudo_warn(U_("unable to change directory to %s"), - details->cwd); + details->runcwd); if (!ISSET(details->flags, CD_CWD_OPTIONAL)) goto done; if (details->chroot != NULL) @@ -294,7 +294,7 @@ exec_cmnd(struct command_details *details, sigset_t *mask, #ifdef HAVE_SELINUX if (ISSET(details->flags, CD_RBAC_ENABLED)) { selinux_execve(details->execfd, details->command, details->argv, - details->envp, details->cwd, details->flags); + details->envp, details->runcwd, details->flags); } else #endif { diff --git a/src/sudo.c b/src/sudo.c index e5f034c88..d0599eba8 100644 --- a/src/sudo.c +++ b/src/sudo.c @@ -696,7 +696,7 @@ command_info_to_details(char * const info[], struct command_details *details) case 'c': SET_STRING("chroot=", chroot) SET_STRING("command=", command) - SET_STRING("cwd=", cwd) + SET_STRING("cwd=", runcwd) SET_FLAG("cwd_optional=", CD_CWD_OPTIONAL) if (strncmp("closefrom=", info[i], sizeof("closefrom=") - 1) == 0) { cp = info[i] + sizeof("closefrom=") - 1; @@ -870,6 +870,7 @@ command_info_to_details(char * const info[], struct command_details *details) } if (details->utmp_user == NULL) details->utmp_user = user_details.username; + details->submitcwd = user_details.cwd; /* Only use ptrace(2) for intercept/log_subcmds if supported. */ exec_ptrace_fix_flags(details); diff --git a/src/sudo.h b/src/sudo.h index f01928b58..503a0af76 100644 --- a/src/sudo.h +++ b/src/sudo.h @@ -200,7 +200,8 @@ struct command_details { struct passwd *pw; const char *command; const char *runas_user; - const char *cwd; + const char *runcwd; + const char *submitcwd; const char *login_class; const char *chroot; const char *selinux_role; |