Why doesn't my environment variable get set?

As you have identified, your environment variables should be set in ~/.pam_environment as recommended on https://help.ubuntu.com/community/EnvironmentVariables. Easier said than done ;)

It is possible that you ran into the same configuration gap that existed for me. See the workaround for encrypted home below.

My ~/.pam_environment:

PATH            DEFAULT=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:${HOME}/bin
IDEA_JDK        DEFAULT=${HOME}/Applications/jdk

Why the ugly static path? ${PATH} would not work for me. I bricked my login several times trying to work around it so I am sticking with the ugly static copy of the defaults :)

Workaround for encrypted home folders

In Ubuntu releases up to and including Ubuntu 12.04 (Precise Pangolin) Beta 2, if you are using an encrypted home directory you will need to modify /etc/pam.d/common-session to get it to load ~/.pam_environment. This solution apparently works for earlier releases, but I have not tested it.

Guenther Montag (g-montag) wrote on 2010-08-19:

This seems to be an issue with encrypted home directories. I added

session required pam_env.so

at the end of /etc/pam.d/common-session and now ~/.pam_environment gets read. On another system without encrypted home directories (also 10.04) the workaround is not needed. Perhaps in my case the system tries to read ~/.pam_environment before it is decrypted.


Stick to the simple "key=value" syntax in the ~/.pam_environment file. No DEFAULT, OVERRIDE, ${HOME}, no nothing. Just key=value. The man page you linked to is for pam_env.conf only. See "man 8 pam_env", which does not promise anything else: "This module can also parse a file with simple KEY=VAL pairs on separate lines."

By the way, putting something like PATH=${PATH}:more/paths in ~/.pam_environment is a great way to break almost any attempt to log in, since the PATH gets set to ${PATH}:more/paths literally (not much to be found there). To rescue, "/bin/mv .pam_environment out_of_the_way" and re-login.
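
A pre-logout check for the failure described in the last answer, as an added example that is not part of either answer or of pam_env itself. The function name lint_pam_env is hypothetical, and the rule that KEY=VAL values are used literally is taken from that answer as an assumption; lines in the DEFAULT=/OVERRIDE= form are accepted without further checks.

```shell
#!/bin/sh
# Added example: lint a ~/.pam_environment-style file before logging out.
# Assumption (from the answer above): in KEY=VAL lines the value is used
# literally, so ${VAR} references are not expanded.

lint_pam_env() {
    file=$1; bad=0; n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in ''|'#'*) continue ;; esac
        first=${line%%[[:space:]]*}          # first whitespace-delimited token
        case $first in
        *=*)                                 # simple KEY=VAL form
            key=${first%%=*}; val=${line#*=}
            case $val in
            *'${'*|*'@{'*)
                echo "$file:$n: $key value would be set literally: $val"
                bad=1; continue ;;
            esac
            if [ "$key" = PATH ]; then
                # A usable PATH needs at least one entry that contains sh.
                found=0; old_ifs=$IFS; IFS=:
                for d in $val; do
                    [ -x "$d/sh" ] && found=1
                done
                IFS=$old_ifs
                [ "$found" -eq 1 ] || { echo "$file:$n: no PATH entry contains sh"; bad=1; }
            fi ;;
        *)                                   # pam_env.conf form: VAR DEFAULT=... OVERRIDE=...
            case $line in
            *DEFAULT=*|*OVERRIDE=*) ;;
            *) echo "$file:$n: neither KEY=VAL nor DEFAULT=/OVERRIDE= form"; bad=1 ;;
            esac ;;
        esac
    done < "$file"
    return "$bad"
}

# Lint the file given as an argument; with none, lint a constructed sample.
if [ $# -gt 0 ] && [ -f "$1" ]; then
    lint_pam_env "$1"
else
    sample=$(mktemp)                         # constructed input, not a real user's file
    printf '%s\n' 'PATH=${PATH}:/opt/tool/bin' 'EDITOR=vi' > "$sample"
    lint_pam_env "$sample" || echo "sample has problems (expected)"
    rm -f "$sample"
fi
```

Run it against the edited file while a second session is still open, so a reported problem can be fixed before the next login attempt.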