From: Karel Zak <kzak@redhat.com>
Date: Wed, 7 May 2025 09:34:26 +0000 (+0200)
Subject: login: protect COLORTERM and NO_COLOR env. variables
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aa339595eaa2172142070218fee7072051e81584;p=thirdparty%2Futil-linux.git

login: protect COLORTERM and NO_COLOR env. variables

Fixes: https://github.com/util-linux/util-linux/issues/3463
Signed-off-by: Karel Zak <kzak@redhat.com>
---

diff --git a/login-utils/login.1.adoc b/login-utils/login.1.adoc
index fb4736c06..7df38a128 100644
--- a/login-utils/login.1.adoc
+++ b/login-utils/login.1.adoc
@@ -28,7 +28,9 @@ If password aging has been enabled for the account, the user may be prompted for
 
 The user and group ID will be set according to their values in the _/etc/passwd_ file. There is one exception if the user ID is zero. In this case, only the primary group ID of the account is set. This should allow the system administrator to login even in case of network problems. The environment variable values for *$HOME*, *$USER*, *$SHELL*, *$PATH*, *$LOGNAME*, and *$MAIL* are set according to the appropriate fields in the password entry. *$PATH* defaults to _/usr/local/bin:/bin:/usr/bin_ for normal users, and to _/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin_ for root, if not otherwise configured.
 
-The environment variable *$TERM* will be preserved, if it exists, else it will be initialized to the terminal type on your tty. Other environment variables are preserved if the *-p* option is given.
+The environment variable *$TERM* will be preserved, if it exists, else it will be initialized to the terminal type on your tty. The environment variables *$COLORTERM* and *$NO_COLOR* will be preserved if they exist.
+
+Other environment variables are preserved if the *-p* option is given or if *LOGIN_ENV_SAFELIST* defined in _/etc/login.defs_ (see below).
 
 The environment variables defined by PAM are always preserved.
 
diff --git a/login-utils/login.c b/login-utils/login.c
index 321f9d6ce..bd301da81 100644
--- a/login-utils/login.c
+++ b/login-utils/login.c
@@ -1194,6 +1194,8 @@ static void init_environ(struct login_context *cxt)
 	int len, i;
 
 	saved = env_list_add_getenv(NULL, "TERM", "dumb");
+	saved = env_list_add_getenv(saved, "COLORTERM", NULL);
+	saved = env_list_add_getenv(saved, "NO_COLOR", NULL);
 
 	/* destroy environment unless user has requested preservation (-p) */
 	if (!cxt->keep_env) {