pam_namespace: don't use bashisms in default namespace.init script

* modules/pam_namespace/pam_namespace.c: call setuid() before execing the
namespace init script, so that scripts run with maximum privilege regardless
of the shell implementation.
* modules/pam_namespace/namespace.init: drop the '-p' bashism from the
shebang line

This is not a POSIX standard option, it's a bashism.  The bash manpage says
that it's used to prevent the effective user id from being reset to the real
user id on startup, and to ignore certain unsafe variables from the
environment.

In the case of pam_namespace, the -p is not necessary for environment
sanitizing because the PAM module (properly) sanitizes the environment
before execing the script.

The stated reason given in CVS history for passing -p is to "preserve euid
when called from setuid apps (su, newrole)."  This should be done more
portably, by calling setuid() before spawning the shell.

Signed-off-by: Steve Langasek <vorlon@debian.org>
Bug-Debian: http://bugs.debian.org/624842
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1081323

1 files changed, 1 insertions, 1 deletions

diff --git a/modules/pam_namespace/namespace.init b/modules/pam_namespace/namespace.init
index 9ab58062..67d4aa2d 100755
--- a/modules/pam_namespace/namespace.init
+++ b/modules/pam_namespace/namespace.init
@@ -1,4 +1,4 @@
-#!/bin/sh -p
+#!/bin/sh
 # It receives polydir path as $1, the instance path as $2,
 # a flag whether the instance dir was newly created (0 - no, 1 - yes) in $3,
 # and user name in $4.