Why does .pam_environment not include $HOME in my new path?

This is apparently an old issue (as in 15 years old). The "fix" at them time was:

* Note that HOME may not be useful in pam_environment, closes: #109281

The Linux PAM site also says as much:

Note that many environment variables that you would like to use may not be set by the time the module is called. For example, HOME is used below several times, but many PAM applications don't make it available by the time you need it.

Apparently, someone bothered to patch pam_env for it over on Fedora.

Anyway, on Debian-based systems, a crude way is to use:

HOME=/home/@{PAM_USER}

Before referencing ${HOME}. This could be done in /etc/security/pam_env.conf, for example. Of course, this will break where the user's home directory is not /home/$USER.

As of PAM version 1.2.0, you can use @{HOME} instead of ${HOME} and it will work consistently: https://github.com/linux-pam/linux-pam/commit/73bdfac8c091492f466342feb8f2f5daa2f4c39b

Why does .pam_environment not include $HOME in my new path?

Tags:

Ubuntu

Environment Variables

Pam

Related

Recent Posts