Page MenuHomeFreeBSD

make shell started by "jexec -l [-U user] jail" a login shell
AbandonedPublic

Authored by pstef on Mar 14 2021, 2:18 PM.
Tags
None
Referenced Files
Unknown Object (File)
Dec 20 2023, 4:46 AM
Unknown Object (File)
Sep 30 2023, 4:22 PM
Unknown Object (File)
Aug 6 2023, 8:31 PM
Unknown Object (File)
Jul 2 2023, 8:04 AM
Unknown Object (File)
Jul 1 2023, 8:27 PM
Unknown Object (File)
Jun 9 2023, 6:32 PM
Unknown Object (File)
May 10 2023, 2:05 AM
Unknown Object (File)
May 9 2023, 5:09 PM
Subscribers

Details

Reviewers
None
Group Reviewers
Jails
Summary

Currently, when the command argument is not given, the user's shell is used. But then $PWD is / instead of $HOME and also no profile files are executed.

This patch makes jexec set the shell's 0th argument to "-" like login(1) would do, so that the shell can behave as a login shell and attempt to read profile files, but only when clean environment was requested with -l.

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

pstef requested review of this revision.Mar 14 2021, 2:18 PM
pstef created this revision.

This would work well with jexec -l, which is already somewhat like su -l but misses the parts you mention. In fact, I would recommend making clean (-l) the deciding factor instead of pwd (-u/U). And I don't see a reason why the same directory change shouldn't be done regardless of whether it's for a command or a shell.

The - added to the shell command line should also be contingent upon clean, so a simple option-less jexec would behave as it currently does.

pstef retitled this revision from jexec(8): spawn login shell when no command is given to make shell started by "jexec -l [-U user] jail" a login shell.
pstef edited the summary of this revision. (Show Details)

Agree with jamie's comments.

pstef added a subscriber: kevans.

@kevans pointed out to me that my previous patch replaces the name with a dash character, while login(1) only prepends the dash to the original program name, so that's probably what shells expect. I did try to fix that, it seems to work for the few cases that I tested, but in the meantime someone asked about Linux jails, which I looked into. Those can't be properly supported since our getpwnam won't work with the underlying system's structure; so while it is possible to spawn a login shell, the shell would always be /bin/sh which under standard Ubuntu seems to translate into dash, not a great shell for interactive use.

I think I'll just abandon this differential and learn to use: jexec -l jail login -f user which should work as I expect and should work on any system.