Hello community,
here is the log from the commit of package util-linux for openSUSE:Factory checked in at 2019-05-21 10:19:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/util-linux (Old)
and /work/SRC/openSUSE:Factory/.util-linux.new.5148 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "util-linux"
Tue May 21 10:19:12 2019 rev:237 rq:701846 version:2.33.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/util-linux/python3-libmount.changes 2019-03-08 12:00:39.387962465 +0100
+++ /work/SRC/openSUSE:Factory/.util-linux.new.5148/python3-libmount.changes 2019-05-21 10:19:17.555637323 +0200
@@ -1,0 +2,21 @@
+Thu May 9 21:00:29 CEST 2019 - sbrabec@suse.com
+
+- Update to version 2.33.2 (bsc#1134337):
+ * agetty: Fix 8-bit processing in get_logname() (bsc#1125886).
+ * mount: Fix "mount" output for net file systems (bsc#1122417).
+ * Many Other fixes, see
+ https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes
+
+-------------------------------------------------------------------
+Thu May 2 23:51:45 CEST 2019 - sbrabec@suse.com
+
+- Fix problems in reading of login.defs values (bsc#1121197,
+ util-linux-login_defs-priority1.patch,
+ util-linux-login_defs-priority2.patch,
+ util-linux-login_defs-SYS_UID.patch).
+- Perform one-time reset of /etc/default/su (bsc#1121197).
+- Add virtual symbols for login.defs compatibility (bsc#1121197).
+- Add login.defs safety check util-linux-login_defs-check.sh
+ (bsc#1121197).
+
+-------------------------------------------------------------------
@@ -5,0 +27,5 @@
+
+-------------------------------------------------------------------
+Mon Mar 4 13:00:08 UTC 2019 - Dominique Leuenberger
+
+- Drop bc BuildRequires: not needed.
util-linux-systemd.changes: same change
--- /work/SRC/openSUSE:Factory/util-linux/util-linux.changes 2019-03-08 12:00:40.715962240 +0100
+++ /work/SRC/openSUSE:Factory/.util-linux.new.5148/util-linux.changes 2019-05-21 10:19:20.927636638 +0200
@@ -1,0 +2,21 @@
+Thu May 9 21:00:29 CEST 2019 - sbrabec@suse.com
+
+- Update to version 2.33.2 (bsc#1134337):
+ * agetty: Fix 8-bit processing in get_logname() (bsc#1125886).
+ * mount: Fix "mount" output for net file systems (bsc#1122417).
+ * Many Other fixes, see
+ https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes
+
+-------------------------------------------------------------------
+Thu May 2 23:51:45 CEST 2019 - sbrabec@suse.com
+
+- Fix problems in reading of login.defs values (bsc#1121197,
+ util-linux-login_defs-priority1.patch,
+ util-linux-login_defs-priority2.patch,
+ util-linux-login_defs-SYS_UID.patch).
+- Perform one-time reset of /etc/default/su (bsc#1121197).
+- Add virtual symbols for login.defs compatibility (bsc#1121197).
+- Add login.defs safety check util-linux-login_defs-check.sh
+ (bsc#1121197).
+
+-------------------------------------------------------------------
Old:
----
util-linux-2.33.1.tar.sign
util-linux-2.33.1.tar.xz
New:
----
util-linux-2.33.2.tar.sign
util-linux-2.33.2.tar.xz
util-linux-login_defs-SYS_UID.patch
util-linux-login_defs-check.sh
util-linux-login_defs-priority1.patch
util-linux-login_defs-priority2.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python3-libmount.spec ++++++
--- /var/tmp/diff_new_pack.Rmm2EA/_old 2019-05-21 10:19:21.831636454 +0200
+++ /var/tmp/diff_new_pack.Rmm2EA/_new 2019-05-21 10:19:21.831636454 +0200
@@ -75,7 +75,6 @@
License: GPL-2.0-or-later
Group: %main_group
BuildRequires: audit-devel
-BuildRequires: bc
BuildRequires: binutils-devel
BuildRequires: fdupes
BuildRequires: gettext-devel
@@ -116,7 +115,7 @@
%endif
%endif
#END SECOND STAGE DEPENDENCIES
-Version: 2.33.1
+Version: 2.33.2
Release: 0
# util-linux is a base package and uuidd pre-requiring pwdutils pulls
# that into the core build cycle. pwdutils also pulls in the whole
@@ -127,6 +126,7 @@
Url: https://www.kernel.org/pub/linux/utils/util-linux/
Source: https://www.kernel.org/pub/linux/utils/util-linux/v2.33/util-linux-%{version}.tar.xz
Source1: util-linux-rpmlintrc
+Source2: util-linux-login_defs-check.sh
Source4: raw.service
Source5: etc.raw
Source6: etc_filesystems
@@ -145,6 +145,12 @@
Patch0: make-sure-sbin-resp-usr-sbin-are-in-PATH.diff
Patch1: libmount-print-a-blacklist-hint-for-unknown-filesyst.patch
Patch2: Add-documentation-on-blacklisted-modules-to-mount-8-.patch
+# PATCH-FIX-UPSTREAM util-linux-login_defs-priority1.patch bsc1121197 sbrabec@suse.com -- Fix priorities of login.defs values.
+Patch3: util-linux-login_defs-priority1.patch
+# PATCH-FIX-UPSTREAM util-linux-login_defs-priority2.patch bsc1121197 sbrabec@suse.com -- Fix priorities of login.defs values.
+Patch4: util-linux-login_defs-priority2.patch
+# PATCH-FIX-UPSTREAM util-linux-login_defs-SYS_UID.patch bsc1121197 sbrabec@suse.com -- Fix discrepancies in SYS_UID* fallback.
+Patch5: util-linux-login_defs-SYS_UID.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
#
%if %build_util_linux
@@ -174,6 +180,10 @@
# uuid-runtime appeared in SLE11 SP1 to SLE11 SP3
Provides: uuid-runtime = %{version}-%{release}
Obsoletes: uuid-runtime <= 2.19.1
+# All login.defs variables require support from shadow side.
+# Upgrade this symbol version only if new variables appear!
+# Verify by shadow-login_defs-check.sh from shadow source package.
+Requires: login_defs-support-for-util-linux >= 2.33.1
#
# Using "Requires" here would lend itself to help upgrading, but since
# util-linux is in the initial bootstrap, that is not a good thing to do:
@@ -380,11 +390,16 @@
%endif
%prep
%setup -q -n %{_name}-%{version}
+cp -a %{S:2} .
%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
%build
+bash ./util-linux-login_defs-check.sh
%if %build_util_linux
#
#BEGIN SYSTEMD SAFETY CHECK
@@ -720,12 +735,6 @@
%if %build_util_linux
%pre
%service_add_pre raw.service
-# Check whether we are upgrading from < Leap 15 or SLE 15
-# Check for /sbin/su and not /usr/sbin/su, as it exists in all old versions.
-# (bsc#353876#c7)
-if test -e /bin/su && ! ( LANG=C su --help 2>/dev/null) | grep -q -- --pty ; then
- touch %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT 2>/dev/null || :
-fi
%post
%service_add_post raw.service
@@ -749,19 +758,19 @@
fi
done
# %{_sysconfdir}/default/su is tagged as noreplace.
-# But we want to upgrade to a more secure default on upgrade.
-# Perform one-time change of ALWAYS_SET_ROOT. (bsc#353876#c7)
-if test -f %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT -a -f %{_sysconfdir}/default/su &&
- grep -q ^ALWAYS_SET_PATH=no %{_sysconfdir}/default/su ; then
+# But we want to migrate variables to /etc/login.defs (bsc#1121197).
+# Perform one-time config replace.
+if ! grep -q "^# /etc/default/su is an override" %{_sysconfdir}/default/su ; then
+ if test -f %{_sysconfdir}/default/su.rpmnew ; then
if ! test -f %{_sysconfdir}/default/su.rpmorig ; then
cp -a %{_sysconfdir}/default/su %{_sysconfdir}/default/su.rpmorig
fi
- sed -i s/^ALWAYS_SET_PATH=no/ALWAYS_SET_PATH=yes/ %{_sysconfdir}/default/su
- echo "One time change of %{_sysconfdir}/default/su was performed." >&2
- echo "ALWAYS_SET_PATH was set to more secure value \"yes\"." >&2
- echo "If it is not intended, you can safely change it back. It will not be changed again." >&2
+ mv %{_sysconfdir}/default/su.rpmnew %{_sysconfdir}/default/su
+ echo "One time clean-up of %{_sysconfdir}/default/su was performed." >&2
+ echo "Original contents was saved to %{_sysconfdir}/default/su.rpmorig." >&2
+ echo "Please edit %{_sysconfdir}/login.defs or %{_sysconfdir}/default/su to restore your customization." >&2
+ fi
fi
-rm -f %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT
%preun
%service_del_preun raw.service
util-linux-systemd.spec: same change
++++++ util-linux.spec ++++++
--- /var/tmp/diff_new_pack.Rmm2EA/_old 2019-05-21 10:19:21.899636440 +0200
+++ /var/tmp/diff_new_pack.Rmm2EA/_new 2019-05-21 10:19:21.899636440 +0200
@@ -115,7 +115,7 @@
%endif
%endif
#END SECOND STAGE DEPENDENCIES
-Version: 2.33.1
+Version: 2.33.2
Release: 0
# util-linux is a base package and uuidd pre-requiring pwdutils pulls
# that into the core build cycle. pwdutils also pulls in the whole
@@ -126,6 +126,7 @@
Url: https://www.kernel.org/pub/linux/utils/util-linux/
Source: https://www.kernel.org/pub/linux/utils/util-linux/v2.33/util-linux-%{version}.tar.xz
Source1: util-linux-rpmlintrc
+Source2: util-linux-login_defs-check.sh
Source4: raw.service
Source5: etc.raw
Source6: etc_filesystems
@@ -144,6 +145,12 @@
Patch0: make-sure-sbin-resp-usr-sbin-are-in-PATH.diff
Patch1: libmount-print-a-blacklist-hint-for-unknown-filesyst.patch
Patch2: Add-documentation-on-blacklisted-modules-to-mount-8-.patch
+# PATCH-FIX-UPSTREAM util-linux-login_defs-priority1.patch bsc1121197 sbrabec@suse.com -- Fix priorities of login.defs values.
+Patch3: util-linux-login_defs-priority1.patch
+# PATCH-FIX-UPSTREAM util-linux-login_defs-priority2.patch bsc1121197 sbrabec@suse.com -- Fix priorities of login.defs values.
+Patch4: util-linux-login_defs-priority2.patch
+# PATCH-FIX-UPSTREAM util-linux-login_defs-SYS_UID.patch bsc1121197 sbrabec@suse.com -- Fix discrepancies in SYS_UID* fallback.
+Patch5: util-linux-login_defs-SYS_UID.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
#
%if %build_util_linux
@@ -173,6 +180,10 @@
# uuid-runtime appeared in SLE11 SP1 to SLE11 SP3
Provides: uuid-runtime = %{version}-%{release}
Obsoletes: uuid-runtime <= 2.19.1
+# All login.defs variables require support from shadow side.
+# Upgrade this symbol version only if new variables appear!
+# Verify by shadow-login_defs-check.sh from shadow source package.
+Requires: login_defs-support-for-util-linux >= 2.33.1
#
# Using "Requires" here would lend itself to help upgrading, but since
# util-linux is in the initial bootstrap, that is not a good thing to do:
@@ -379,11 +390,16 @@
%endif
%prep
%setup -q -n %{_name}-%{version}
+cp -a %{S:2} .
%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
%build
+bash ./util-linux-login_defs-check.sh
%if %build_util_linux
#
#BEGIN SYSTEMD SAFETY CHECK
@@ -719,12 +735,6 @@
%if %build_util_linux
%pre
%service_add_pre raw.service
-# Check whether we are upgrading from < Leap 15 or SLE 15
-# Check for /sbin/su and not /usr/sbin/su, as it exists in all old versions.
-# (bsc#353876#c7)
-if test -e /bin/su && ! ( LANG=C su --help 2>/dev/null) | grep -q -- --pty ; then
- touch %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT 2>/dev/null || :
-fi
%post
%service_add_post raw.service
@@ -748,19 +758,19 @@
fi
done
# %{_sysconfdir}/default/su is tagged as noreplace.
-# But we want to upgrade to a more secure default on upgrade.
-# Perform one-time change of ALWAYS_SET_ROOT. (bsc#353876#c7)
-if test -f %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT -a -f %{_sysconfdir}/default/su &&
- grep -q ^ALWAYS_SET_PATH=no %{_sysconfdir}/default/su ; then
+# But we want to migrate variables to /etc/login.defs (bsc#1121197).
+# Perform one-time config replace.
+if ! grep -q "^# /etc/default/su is an override" %{_sysconfdir}/default/su ; then
+ if test -f %{_sysconfdir}/default/su.rpmnew ; then
if ! test -f %{_sysconfdir}/default/su.rpmorig ; then
cp -a %{_sysconfdir}/default/su %{_sysconfdir}/default/su.rpmorig
fi
- sed -i s/^ALWAYS_SET_PATH=no/ALWAYS_SET_PATH=yes/ %{_sysconfdir}/default/su
- echo "One time change of %{_sysconfdir}/default/su was performed." >&2
- echo "ALWAYS_SET_PATH was set to more secure value \"yes\"." >&2
- echo "If it is not intended, you can safely change it back. It will not be changed again." >&2
+ mv %{_sysconfdir}/default/su.rpmnew %{_sysconfdir}/default/su
+ echo "One time clean-up of %{_sysconfdir}/default/su was performed." >&2
+ echo "Original contents was saved to %{_sysconfdir}/default/su.rpmorig." >&2
+ echo "Please edit %{_sysconfdir}/login.defs or %{_sysconfdir}/default/su to restore your customization." >&2
+ fi
fi
-rm -f %{_sysconfdir}/default/su.needs_ALWAYS_SET_ROOT
%preun
%service_del_preun raw.service
++++++ su.default ++++++
--- /var/tmp/diff_new_pack.Rmm2EA/_old 2019-05-21 10:19:22.079636404 +0200
+++ /var/tmp/diff_new_pack.Rmm2EA/_new 2019-05-21 10:19:22.079636404 +0200
@@ -1,14 +1,8 @@
-# Per default, only "su -" will set a new PATH.
-# If this variable is set to "yes" (default is "no"),
-# every su call will overwrite the PATH variable.
+# /etc/default/su is an override for /etc/login.defs for su and runuser
+# (It is also read as a fallback for login.)
+#
+# See /etc/login.defs, su(1) or runuser(1) for more.
+#
+# List of su/runuser variables:
+# ALWAYS_SET_PATH, ENV_PATH, ENV_ROOTPATH, ENV_SUPATH, FAIL_DELAY
#
-# The recommended default is "yes". The default "no" behavior could have
-# a security implication in applications that use commands without path.
-ALWAYS_SET_PATH=yes
-
-# Default path.
-PATH=/usr/local/bin:/bin:/usr/bin
-
-# Default path for a user invoking su to root.
-SUPATH=/usr/sbin:/bin:/usr/bin:/sbin
-
++++++ util-linux-2.33.1.tar.xz -> util-linux-2.33.2.tar.xz ++++++
++++ 73312 lines of diff (skipped)
++++++ util-linux-login_defs-SYS_UID.patch ++++++
From 0d37969cbe2cb85d9c01f78071528a8a7c789f96 Mon Sep 17 00:00:00 2001
From: Stanislav Brabec
Date: Wed, 24 Apr 2019 11:16:53 +0200
Subject: [PATCH] lslogins: Fix discrepancies of SYS_UID_MIN
util-linux does not contain useradd. Its most popular implementation
comes from shadow. SYS_UID_MIN is one of common parameters. Its
hardcoded fallback value is equal to 101 in shadow useradd (see
shadow-4.6/libmisc/find_new_uid.c: get_ranges()), but 201 in
login-utils/lslogins.c.
Let lslogins use the same fallback as useradd from shadow.
Hopefully most distros define its custom value of SYS_UID_MIN in
/etc/login.defs, so this problem is not visible.
login-utils/lslogins.1 does not mention its default at all. Add a
reference and improve text of lslogins(1) to prevent off-by-one
interpretation.
Signed-off-by: Stanislav Brabec
Signed-off-by: Karel Zak
---
login-utils/lslogins.1 | 6 +++---
login-utils/lslogins.c | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/login-utils/lslogins.1 b/login-utils/lslogins.1
index 5aa14c706..f003ef264 100644
--- a/login-utils/lslogins.1
+++ b/login-utils/lslogins.1
@@ -92,9 +92,9 @@ Display information related to login by password (see also \fB\-afL).
Raw output (no columnation).
.TP
\fB\-s\fR, \fB\-\-system\-accs\fR
-Show system accounts. These are by default all accounts with a UID below 1000
-(non-inclusive), with the exception of either nobody or nfsnobody (UID 65534).
-This hardcoded default maybe overwritten by parameters SYS_UID_MIN and SYS_UID_MAX in
+Show system accounts. These are by default all accounts with a UID between 101 and 999
+(inclusive), with the exception of either nobody or nfsnobody (UID 65534).
+This hardcoded default may be overwritten by parameters SYS_UID_MIN and SYS_UID_MAX in
the file /etc/login.defs.
.TP
\fB\-\-time\-format\fR \fItype\fP
diff --git a/login-utils/lslogins.c b/login-utils/lslogins.c
index efb20a4f7..3d9c9b97a 100644
--- a/login-utils/lslogins.c
+++ b/login-utils/lslogins.c
@@ -74,7 +74,7 @@ static int lslogins_flag;
#define UL_UID_MIN 1000
#define UL_UID_MAX 60000
-#define UL_SYS_UID_MIN 201
+#define UL_SYS_UID_MIN 101
#define UL_SYS_UID_MAX 999
/* we use the value of outmode to determine
--
2.21.0
++++++ util-linux-login_defs-check.sh ++++++
#!/bin/bash
# Extract list of variables supported by su/runuser.
#
# If you edit this file, you will probably need to edit
# shadow-login_defs-check.sh from shadow sources in a similar way.
set -o errexit
echo -n "Checking login.defs variables in util-linux... " >&2
(
grep -rh getlogindefs . |
sed -n 's/^.*getlogindefs[a-z_]*("\([A-Z0-9_]*\)".*$/\1/p'
grep -rh logindefs_setenv . |
sed -n 's/^.*logindefs_setenv*("[A-Z0-9_]*", "\([A-Z0-9_]*\)".*$/\1/p'
) | LC_ALL=C sort -u >util-linux-login_defs-vars.lst
if test $(sha1sum util-linux-login_defs-vars.lst | sed 's/ .*$//') != a9c56a10a4b5a0afb63c9208b8ca0cb1b46a8429 ; then
echo "does not match!" >&2
echo "Checksum is: $(sha1sum util-linux-login_defs-vars.lst | sed 's/ .*$//')" >&2
cat >&2 <&2
(
grep -rh getlogindefs login-utils/su-common.c |
sed -n 's/^.*getlogindefs[a-z_]*("\([A-Z0-9_]*\)".*$/\1/p'
grep -rh logindefs_setenv login-utils/su-common.c |
sed -n 's/^.*logindefs_setenv*("[A-Z0-9_]*", "\([A-Z0-9_]*\)".*$/\1/p'
) | LC_ALL=C sort -u | tr '\n' ' ' | sed 's/ /, /g;s/, $//' >&2
echo -e '\n' >&2
exit 1
else
echo "OK" >&2
fi
++++++ util-linux-login_defs-priority1.patch ++++++
From 15a191f6d30dfe202a080a3d90968b63d695a29f Mon Sep 17 00:00:00 2001
From: Stanislav Brabec
Date: Thu, 10 Jan 2019 01:28:53 +0100
Subject: [PATCH 1/2] su-common.c: prefer /etc/default/su over login.defs
su(1) documentation says:
/etc/default/su command specific logindef config file
/etc/login.defs global logindef config file
It indirectly indicates that /etc/default/su should take precedence
over /etc/login.defs.
But the reverse is true. It is not possible to define ENV_PATH in
/etc/login.defs and then make su specific customization in
/etc/default/su. We need to change read order to match the documented
behavior.
Signed-off-by: Stanislav Brabec
---
login-utils/su-common.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
index e0604e246..19074247c 100644
--- a/login-utils/su-common.c
+++ b/login-utils/su-common.c
@@ -1229,8 +1229,8 @@ static void load_config(void *data)
struct su_context *su = (struct su_context *) data;
DBG(MISC, ul_debug("loading logindefs"));
- logindefs_load_file(su->runuser ? _PATH_LOGINDEFS_RUNUSER : _PATH_LOGINDEFS_SU);
logindefs_load_file(_PATH_LOGINDEFS);
+ logindefs_load_file(su->runuser ? _PATH_LOGINDEFS_RUNUSER : _PATH_LOGINDEFS_SU);
}
/*
--
2.20.1
++++++ util-linux-login_defs-priority2.patch ++++++
From 86f42e5a2a9d8a483ad0ca85fdf090172fb4d385 Mon Sep 17 00:00:00 2001
From: Stanislav Brabec
Date: Thu, 10 Jan 2019 01:28:54 +0100
Subject: [PATCH 2/2] su-common.c: prefer ENV_SUPATH over ENV_ROOTPATH
ENV_SUPATH and ENV_ROOTPATH are equivalent and ENV_ROOTPATH takes
precedence in both login and su. It makes no sense. More logical would be
precedence of ENV_SUPATH in su and ENV_ROOTPATH in login.
Signed-off-by: Stanislav Brabec
---
login-utils/login.1 | 2 +-
login-utils/runuser.1 | 2 +-
login-utils/su-common.c | 4 ++--
login-utils/su.1 | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/login-utils/login.1 b/login-utils/login.1
index cb8addec3..b73eae147 100644
--- a/login-utils/login.1
+++ b/login-utils/login.1
@@ -282,7 +282,7 @@ a regular user logs in. The default value is
(string)
.RS 4
If set, it will be used to define the PATH environment variable when
-the superuser logs in. The default value is
+the superuser logs in. ENV_ROOTPATH takes precedence. The default value is
.I /usr\:/local\:/sbin:\:/usr\:/local\:/bin:\:/sbin:\:/bin:\:/usr\:/sbin:\:/usr\:/bin
.RE
.SH FILES
diff --git a/login-utils/runuser.1 b/login-utils/runuser.1
index bf0d02471..221672200 100644
--- a/login-utils/runuser.1
+++ b/login-utils/runuser.1
@@ -183,7 +183,7 @@ default value is
.B ENV_SUPATH
(string)
.RS 4
-Defines the PATH environment variable for root. The default value is
+Defines the PATH environment variable for root. ENV_SUPATH takes precedence. The default value is
.IR /usr/local/sbin:\:/usr/local/bin:\:/sbin:\:/bin:\:/usr/sbin:\:/usr/bin .
.RE
.PP
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
index 19074247c..0e44eb87c 100644
--- a/login-utils/su-common.c
+++ b/login-utils/su-common.c
@@ -989,8 +989,8 @@ static void setenv_path(const struct passwd *pw)
if (pw->pw_uid)
rc = logindefs_setenv("PATH", "ENV_PATH", _PATH_DEFPATH);
- else if ((rc = logindefs_setenv("PATH", "ENV_ROOTPATH", NULL)) != 0)
- rc = logindefs_setenv("PATH", "ENV_SUPATH", _PATH_DEFPATH_ROOT);
+ else if ((rc = logindefs_setenv("PATH", "ENV_SUPATH", NULL)) != 0)
+ rc = logindefs_setenv("PATH", "ENV_ROOTPATH", _PATH_DEFPATH_ROOT);
if (rc)
err(EXIT_FAILURE, _("failed to set the PATH environment variable"));
diff --git a/login-utils/su.1 b/login-utils/su.1
index d6a064fd2..5ae6d6b2d 100644
--- a/login-utils/su.1
+++ b/login-utils/su.1
@@ -209,7 +209,7 @@ default value is
.B ENV_SUPATH
(string)
.RS 4
-Defines the PATH environment variable for root. The default value is
+Defines the PATH environment variable for root. ENV_SUPATH takes precedence. The default value is
.IR /usr/local/sbin:\:/usr/local/bin:\:/sbin:\:/bin:\:/usr/sbin:\:/usr/bin .
.RE
.PP
--
2.20.1