From nobody@FreeBSD.org  Fri Jan 24 20:52:50 2014
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by hub.freebsd.org (Postfix) with ESMTPS id 51451C08
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 24 Jan 2014 20:52:50 +0000 (UTC)
Received: from oldred.freebsd.org (oldred.freebsd.org [IPv6:2001:1900:2254:206a::50:4])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.freebsd.org (Postfix) with ESMTPS id 230E11798
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 24 Jan 2014 20:52:50 +0000 (UTC)
Received: from oldred.freebsd.org ([127.0.1.6])
	by oldred.freebsd.org (8.14.5/8.14.7) with ESMTP id s0OKqntn009487
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 24 Jan 2014 20:52:49 GMT
	(envelope-from nobody@oldred.freebsd.org)
Received: (from nobody@localhost)
	by oldred.freebsd.org (8.14.5/8.14.5/Submit) id s0OKqni8009481;
	Fri, 24 Jan 2014 20:52:49 GMT
	(envelope-from nobody)
Message-Id: <201401242052.s0OKqni8009481@oldred.freebsd.org>
Date: Fri, 24 Jan 2014 20:52:49 GMT
From: Glen Neff <glen.neff@emc.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Default shell config files in /usr/share/skel/ override path set by login.conf/login.conf.db
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         186085
>Category:       conf
>Synopsis:       Default shell config files in /usr/share/skel/ override path set by login.conf/login.conf.db
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bdrewery
>State:          patched
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 24 21:00:00 UTC 2014
>Closed-Date:    
>Last-Modified:  Mon Apr 14 18:10:01 UTC 2014
>Originator:     Glen Neff
>Release:        9.2-RELEASE
>Organization:
EMC
>Environment:
FreeBSD gneffpc.nas-v6.rtp.lab.emc.com 9.2-RELEASE FreeBSD 9.2-RELEASE #0: Tue Dec 17 12:21:08 EST 2013     root@gneffpc.nas-v6.rtp.lab.emc.com:/usr/obj/usr/src/sys/gneffpc  amd64
>Description:
/etc/login.conf is a "flat-file" that defines, amongst other things, the default path for the system.  cap_mkdb(1) is used to write a hashed database of these settings to /etc/login.conf.db.

The problem, however, is that this default system path is overridden by the default per-user shell config files in /usr/share/skel/, specifically the dot.cshrc (which affects csh & tcsh) & dot.profile (which affects sh & bash).

This becomes a problem when you attempt to change the system path via /etc/login.conf & cap_mkdb(1) and your changes are nullified by the .cshrc and/or .profile files in users's home directories copied from /usr/share/skel/.
>How-To-Repeat:
Add/remove directories from the path in /etc/login.conf, run 'cap_mkdb /etc/login.conf', then login as a user with .cshrc and/or .profile files copied from /usr/share/skel/dot.cshrc & /usr/share/skel/dot.profile.
>Fix:
Remove path settings from the following files in /usr/share/skel/:

dot.cshrc
dot.profile

Patch attached with submission follows:

diff -ruN share/skel.old/dot.cshrc share/skel/dot.cshrc
--- share/skel.old/dot.cshrc	2013-09-26 21:03:29.000000000 -0400
+++ share/skel/dot.cshrc	2014-01-24 15:48:17.000000000 -0500
@@ -15,8 +15,6 @@
 # A righteous umask
 umask 22
 
-set path = (/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin $HOME/bin)
-
 setenv	EDITOR	vi
 setenv	PAGER	more
 setenv	BLOCKSIZE	K
diff -ruN share/skel.old/dot.profile share/skel/dot.profile
--- share/skel.old/dot.profile	2013-09-26 21:03:29.000000000 -0400
+++ share/skel/dot.profile	2014-01-24 15:48:31.000000000 -0500
@@ -5,9 +5,6 @@
 # see also sh(1), environ(7).
 #
 
-# remove /usr/games if you want
-PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:$HOME/bin; export PATH
-
 # Setting TERM is normally done through /etc/ttys.  Do only override
 # if you're sure that you'll never log in via telnet or xterm or a
 # serial line.


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->bdrewery 
Responsible-Changed-By: bdrewery 
Responsible-Changed-When: Mon Apr 14 13:01:11 CDT 2014 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=186085 
State-Changed-From-To: open->patched 
State-Changed-By: bdrewery 
State-Changed-When: Mon Apr 14 13:07:06 CDT 2014 
State-Changed-Why:  
Committed to head, will MFC later. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=186085 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: conf/186085: commit references a PR
Date: Mon, 14 Apr 2014 18:07:04 +0000 (UTC)

 Author: bdrewery
 Date: Mon Apr 14 18:07:00 2014
 New Revision: 264465
 URL: http://svnweb.freebsd.org/changeset/base/264465
 
 Log:
   Prefer /etc/login.conf for some of these environment values.
   
   PR:		conf/186085
   Reported by:	Glen Neff <glen.neff@emc.com>
   MFC after:	2 weeks
   Sponsored by:	EMC
 
 Modified:
   head/share/skel/dot.cshrc
   head/share/skel/dot.profile
 
 Modified: head/share/skel/dot.cshrc
 ==============================================================================
 --- head/share/skel/dot.cshrc	Mon Apr 14 17:54:01 2014	(r264464)
 +++ head/share/skel/dot.cshrc	Mon Apr 14 18:07:00 2014	(r264465)
 @@ -12,14 +12,15 @@ alias la	ls -aF
  alias lf	ls -FA
  alias ll	ls -lAF
  
 +# These are normally set through /etc/login.conf.  You may override them here
 +# if wanted.
 +# set path = (/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin $HOME/bin)
 +# setenv	BLOCKSIZE	K
  # A righteous umask
 -umask 22
 -
 -set path = (/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin $HOME/bin)
 +# umask 22
  
  setenv	EDITOR	vi
  setenv	PAGER	more
 -setenv	BLOCKSIZE	K
  
  if ($?prompt) then
  	# An interactive shell -- set some stuff up
 
 Modified: head/share/skel/dot.profile
 ==============================================================================
 --- head/share/skel/dot.profile	Mon Apr 14 17:54:01 2014	(r264464)
 +++ head/share/skel/dot.profile	Mon Apr 14 18:07:00 2014	(r264465)
 @@ -5,15 +5,16 @@
  # see also sh(1), environ(7).
  #
  
 -# remove /usr/games if you want
 -PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:$HOME/bin; export PATH
 +# These are normally set through /etc/login.conf.  You may override them here
 +# if wanted.
 +# PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:$HOME/bin; export PATH
 +# BLOCKSIZE=K;	export BLOCKSIZE
  
  # Setting TERM is normally done through /etc/ttys.  Do only override
  # if you're sure that you'll never log in via telnet or xterm or a
  # serial line.
  # TERM=xterm; 	export TERM
  
 -BLOCKSIZE=K;	export BLOCKSIZE
  EDITOR=vi;   	export EDITOR
  PAGER=more;  	export PAGER
  
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
>Unformatted:
