Move the env whitelists to an rc var and build in the system whitelist.
parent
ac21d75300
commit
c92be49041
@ -1,6 +0,0 @@
|
|||||||
# /etc/conf.d/env_whitelist: Environment whitelist for rc-system
|
|
||||||
|
|
||||||
# Specify which variables are allowed to be passed from the environment to the
|
|
||||||
# rc-system. If it is not set by the environment, then the variable will be
|
|
||||||
# taken from /etc/profile.env - meaning, if you need to set LANG or such,
|
|
||||||
# do it in a /etc/env.d/99myownstuff file for example, and run env-update.
|
|
@ -52,6 +52,10 @@ rc_force_auto="NO"
|
|||||||
# /var/log/rc.log
|
# /var/log/rc.log
|
||||||
rc_logger="NO"
|
rc_logger="NO"
|
||||||
|
|
||||||
|
# By default we filter the environment for our running scripts. To allow other
|
||||||
|
# variables through, add them here. Use a * to allow all variables through.
|
||||||
|
# rc_env_allow="VAR1 VAR2"
|
||||||
|
|
||||||
##############################################################################
|
##############################################################################
|
||||||
# MISC CONFIGURATION VARIABLES
|
# MISC CONFIGURATION VARIABLES
|
||||||
# There variables are shared between many init scripts
|
# There variables are shared between many init scripts
|
||||||
|
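Review bot: The new comment above `# rc_env_allow="VAR1 VAR2"` presents `*` as just another value and does not say what it costs. Judging by the env_filter change in this commit, a `*` entry appears to switch the environment filter off altogether rather than widen the list. I would add a line such as `# Note that * disables the filter entirely, so every variable set by the caller reaches the scripts.` so that it is not picked as a shortcut for one missing variable.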
@ -1,48 +0,0 @@
|
|||||||
# System environment whitelist for rc-system
|
|
||||||
# See /etc/conf.d/env_whitelist for details.
|
|
||||||
|
|
||||||
#
|
|
||||||
# Internal variables needed for operation of rc-system
|
|
||||||
# NB: Do not modify below this line if you do not know what you are doing!!
|
|
||||||
#
|
|
||||||
|
|
||||||
# Hotplug
|
|
||||||
IN_HOTPLUG
|
|
||||||
|
|
||||||
# RC network script support
|
|
||||||
IN_BACKGROUND
|
|
||||||
RC_INTERFACE_KEEP_CONFIG
|
|
||||||
|
|
||||||
# Default shell stuff
|
|
||||||
PATH
|
|
||||||
SHELL
|
|
||||||
USER
|
|
||||||
HOME
|
|
||||||
TERM
|
|
||||||
|
|
||||||
# Language variables
|
|
||||||
LANG
|
|
||||||
LC_CTYPE
|
|
||||||
LC_NUMERIC
|
|
||||||
LC_TIME
|
|
||||||
LC_COLLATE
|
|
||||||
LC_MONETARY
|
|
||||||
LC_MESSAGES
|
|
||||||
LC_PAPER
|
|
||||||
LC_NAME
|
|
||||||
LC_ADDRESS
|
|
||||||
LC_TELEPHONE
|
|
||||||
LC_MEASUREMENT
|
|
||||||
LC_IDENTIFICATION
|
|
||||||
LC_ALL
|
|
||||||
|
|
||||||
# From /sbin/init
|
|
||||||
INIT_HALT
|
|
||||||
INIT_VERSION
|
|
||||||
RUNLEVEL
|
|
||||||
PREVLEVEL
|
|
||||||
CONSOLE
|
|
||||||
|
|
||||||
# Allow this through too so we can prefer stuff in /lib when shutting down
|
|
||||||
# or going to single mode.
|
|
||||||
LD_LIBRARY_PATH
|
|
@ -44,8 +44,8 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
#include "rc.h"
|
#include "rc.h"
|
||||||
#include "rc-misc.h"
|
#include "../rc-misc.h"
|
||||||
#include "strlist.h"
|
#include "../strlist.h"
|
||||||
|
|
||||||
#define PROFILE_ENV "/etc/profile.env"
|
#define PROFILE_ENV "/etc/profile.env"
|
||||||
#define SYS_WHITELIST RC_LIBDIR "/conf.d/env_whitelist"
|
#define SYS_WHITELIST RC_LIBDIR "/conf.d/env_whitelist"
|
||||||
@ -113,17 +113,54 @@ char **env_filter (void)
|
|||||||
char *p;
|
char *p;
|
||||||
int pplen = strlen (PATH_PREFIX);
|
int pplen = strlen (PATH_PREFIX);
|
||||||
|
|
||||||
whitelist = rc_config_list (SYS_WHITELIST);
|
/* Init a system whitelist, start with shell vars we need */
|
||||||
if (! whitelist)
|
rc_strlist_add (&whitelist, "PATH");
|
||||||
fprintf (stderr, "system environment whitelist (" SYS_WHITELIST ") missing\n");
|
rc_strlist_add (&whitelist, "SHELL");
|
||||||
|
rc_strlist_add (&whitelist, "USER");
|
||||||
|
rc_strlist_add (&whitelist, "HOME");
|
||||||
|
rc_strlist_add (&whitelist, "TERM");
|
||||||
|
|
||||||
env = rc_config_list (USR_WHITELIST);
|
/* Add Language vars */
|
||||||
rc_strlist_join (&whitelist, env);
|
rc_strlist_add (&whitelist, "LANG");
|
||||||
rc_strlist_free (env);
|
rc_strlist_add (&whitelist, "LC_CTYPE");
|
||||||
env = NULL;
|
rc_strlist_add (&whitelist, "LC_NUMERIC");
|
||||||
|
rc_strlist_add (&whitelist, "LC_TIME");
|
||||||
|
rc_strlist_add (&whitelist, "LC_COLLATE");
|
||||||
|
rc_strlist_add (&whitelist, "LC_MONETARY");
|
||||||
|
rc_strlist_add (&whitelist, "LC_MESSAGES");
|
||||||
|
rc_strlist_add (&whitelist, "LC_PAPER");
|
||||||
|
rc_strlist_add (&whitelist, "LC_NAME");
|
||||||
|
rc_strlist_add (&whitelist, "LC_ADDRESS");
|
||||||
|
rc_strlist_add (&whitelist, "LC_TELEPHONE");
|
||||||
|
rc_strlist_add (&whitelist, "LC_MEASUREMENT");
|
||||||
|
rc_strlist_add (&whitelist, "LC_IDENTIFICATION");
|
||||||
|
rc_strlist_add (&whitelist, "LC_ALL");
|
||||||
|
|
||||||
if (! whitelist)
|
/* Allow rc to override library path */
|
||||||
return (NULL);
|
rc_strlist_add (&whitelist, "LD_LIBRARY_PATH");
|
||||||
|
|
||||||
|
/* We need to know sysvinit stuff - we emulate this for BSD too */
|
||||||
|
rc_strlist_add (&whitelist, "INIT_HALT");
|
||||||
|
rc_strlist_add (&whitelist, "INIT_VERSION");
|
||||||
|
rc_strlist_add (&whitelist, "RUNLEVEL");
|
||||||
|
rc_strlist_add (&whitelist, "PREVLEVEL");
|
||||||
|
rc_strlist_add (&whitelist, "CONSOLE");
|
||||||
|
|
||||||
|
/* Hotplug and daemon vars */
|
||||||
|
rc_strlist_add (&whitelist, "IN_HOTPLUG");
|
||||||
|
rc_strlist_add (&whitelist, "IN_BACKGROUND");
|
||||||
|
rc_strlist_add (&whitelist, "RC_INTERFACE_KEEP_CONFIG");
|
||||||
|
|
||||||
|
/* Add the user defined list of vars */
|
||||||
|
e = env_name = xstrdup (rc_conf_value ("rc_env_allow"));
|
||||||
|
while ((token = strsep (&e, " "))) {
|
||||||
|
if (token[0] == '*') {
|
||||||
|
free (env_name);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
rc_strlist_add (&whitelist, token);
|
||||||
|
}
|
||||||
|
free (env_name);
|
||||||
|
|
||||||
if (exists (PROFILE_ENV))
|
if (exists (PROFILE_ENV))
|
||||||
profile = rc_config_load (PROFILE_ENV);
|
profile = rc_config_load (PROFILE_ENV);
|
||||||
|
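Review bot: In the `rc_env_allow` loop of env_filter, `if (token[0] == '*')` treats any entry that merely begins with `*` as the allow-all switch, so a value such as `*_PROXY` (constructed example) would silently turn the filter off instead of being rejected; an exact comparison, `if (strcmp (token, "*") == 0) {`, keeps that switch explicit. The same branch returns without releasing `whitelist`, which by then holds all the built-in names, so `rc_strlist_free (whitelist);` belongs before `free (env_name);` there. It also relies on `xstrdup` accepting the NULL that `rc_conf_value` presumably returns when `rc_env_allow` is unset, and on the caller reading a NULL result as "do not filter" rather than as the old missing-whitelist failure; neither is visible here, since env_filter begins and ends outside the hunk.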