summaryrefslogtreecommitdiffstats
path: root/debian/local/pam_getenv
diff options
context:
space:
mode:
Diffstat (limited to 'debian/local/pam_getenv')
-rw-r--r--debian/local/pam_getenv123
1 files changed, 123 insertions, 0 deletions
diff --git a/debian/local/pam_getenv b/debian/local/pam_getenv
new file mode 100644
index 0000000..e409c3e
--- /dev/null
+++ b/debian/local/pam_getenv
@@ -0,0 +1,123 @@
+#!/usr/bin/perl -w
+
+=head1 NAME
+
+pam_getenv - get environment variables from /etc/environment
+
+=head1 SYNOPSIS
+
+pam_getenv B<[-l] [-s]> I<env_var>
+
+=head1 DESCRIPTION
+
+This tool will print out the value of I<env_var> from F</etc/environment>. It will attempt to expand environment variable references in the definition of I<env_var> but will fail if PAM items are expanded.
+
+The B<-l> option indicates the script should return an environment variable related to default locale information.
+
+The B<-s> option indicates that the script should return an
+system default environment variable.
+
+Currently neither the B<-l> or B<-s> options do anything. They are
+included because future versions of Debian may have a separate
+repository for the initial environment used by init scripts and for
+system locale information. These options will allow this script to be
+a stable interface even in that environment.
+
+=cut
+
+# Copyright 2004 by Sam Hartman
+# This script may be copied under the terms of the GNU GPL
+# version 2, or at your option any later version.
+
+use strict;
+use vars qw(*CONFIGFILE *ENVFILE);
+
+sub read_line($) {
+ my $fh = shift;
+ my $line;
+ local $_;
+ line: while (<$fh>) {
+ chomp;
+ s/^\s+//;
+s/\#.*$//;
+ next if $_ eq "";
+ if (s/\\\s*$//) {
+ $line .= $_;
+ next line;
+ }
+
+ $line .= $_;
+ last;
+ }
+ $line;
+
+}
+
+
+sub parse_line($) {
+ my $var;
+ my (%x, @x);
+ local $_ = shift;
+ return undef unless defined $_ and s/(\S+)\s//;
+ $var->{Name} = $1;
+ s/^\s*//;
+ @x = split(/=([^"\s]\S*|"[^"]*")\s*/, $_);
+ unless (scalar(@x)%2 == 0) {
+ push @x, undef;
+ }
+ %x = @x;
+ @{$var}{"Default", "Override"} =
+ @x{"DEFAULT", "OVERRIDE"};
+ $var;
+}
+
+sub expand_val($) {
+ my ($val) = @_;
+return undef unless $val;
+ die "Cannot handle PAM items\n" if /(?<!\\)\@/;
+ $val =~ s/(?<!\\)\$\{([^}]+)\}/$ENV{$1}||""/eg;
+ return $val;
+}
+
+my $lookup;
+
+while ($_ = shift) {
+ next if $_ eq "-s";
+ next if $_ eq "-l";
+ $lookup = $_;
+ last;
+}
+unless (defined $lookup) {
+ die "Usage: pam_getenv [-l] [-s] env_var\n";
+}
+
+my %allvars;
+
+open (CONFIGFILE, "/etc/security/pam_env.conf")
+ or die "Cannot open environment file: $!\n";
+
+while (my $var = parse_line(read_line(\*CONFIGFILE))) {
+ my $val;
+ unless ($val = expand_val($var->{Override})) {
+ $val = expand_val($var->{Default});
+ }
+ $allvars{$var->{Name}} = $val;
+}
+
+if (open (ENVFILE, "/etc/environment")) {
+ while (my $line = read_line(\*ENVFILE)) {
+ $line =~ s/^export //;
+ $line =~ /(.*?)=(.+)/ or next;
+ my ($var, $val) = ($1, $2);
+ # This is bizarre logic (" and ' match each other, quotes are only
+ # significant at the start and end of the string, and the trailing quote
+ # may be omitted), but it's what pam_env does.
+ $val =~ s/^["'](.*?)["']?$/$1/;
+ $allvars{$var} = $val;
+ }
+}
+
+if (exists $allvars{$lookup}) {
+ print $allvars{$lookup}, "\n";
+ exit(0);
+}