[libvirt] [PATCH 15/17] virt-login-shell: fully reset container environment
John Ferlan
jferlan at redhat.com
Wed Apr 27 19:08:38 UTC 2016
On 04/14/2016 11:22 AM, Daniel P. Berrange wrote:
> The virt-login-shell environment will be initialized with
> an arbitrary number of environment variables determined
> by the SSH daemon and PAM configuration. Most of these are
> not relevant inside the container, and at best they are
> noise and at worst they'll break apps. For example if
> XDG_RUNTIME_DIR is leaked to the container, it'll break
> any apps using it, since the directory it points to is
> only visible to the host OS filesystem, not the container
> FS.
>
> Use clearenv() to blank out everything and then set known
> good values for PATH, SHELL, USER, LOGNAME and TERM. Everything
> else is left up to the login shell to initialize.
>
> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
> ---
> tools/virt-login-shell.c | 16 ++++++++++++++--
> 1 file changed, 14 insertions(+), 2 deletions(-)
>
ACK
John
More information about the libvir-list
mailing list