Bugzilla – Bug 1211799
environment ignored
Last modified: 2023-09-11 03:58:05 UTC
all environments in files /etc/environment.d/* & /etc/environment are ignored by the system.
Same problem on fresh tumbleweed
> kernel: with environment: > plymouthd[508]: 00:00:05.290 main.c:2017:initialize_environment : source built on May 22 2023 > plymouthd[990]: 00:00:08.299 main.c:2017:initialize_environment : source built on May 22 2023 > (systemd)[2073]: pam_env(systemd-user:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > lightdm[1996]: pam_env(lightdm-autologin:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > sudo[5576]: pam_env(sudo:setcred): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > sudo[5576]: pam_env(sudo:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter This happens with any variable. But if you do > source /usr/etc/environment then the variable works without problems
The problem still exists on the latest Tumbleweed snapshot 20230604.
(In reply to Dead Mozay from comment #2) > > source /usr/etc/environment As I understand it, this is only a temporary solution.
(In reply to Dmitry Markov from comment #0) > all environments in files /etc/environment.d/* & /etc/environment are > ignored by the system. Hello, Thanks for your message. pam_env.so will only check environment variable in /etc/environment file not in directory /etc/environment.d/*. If you want to use multiple environment files you need to add the argument "envfile" in the line wher pam_env.so is called in some pam configuration files. To knwo where pam_env is called you can run the following command: `grep "pam_env" /usr/lib/pam.d/* /etc/pam.d/*` But it looks like your /etc/environment file is skipped. From my test, I don't get any issue with that with Tumbleweed image. Could it be possible to have the content of your file /etc/environment please ? (In reply to Dead Mozay from comment #2) > > kernel: with environment: > > plymouthd[508]: 00:00:05.290 main.c:2017:initialize_environment : source built on May 22 2023 > > plymouthd[990]: 00:00:08.299 main.c:2017:initialize_environment : source built on May 22 2023 > > (systemd)[2073]: pam_env(systemd-user:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > lightdm[1996]: pam_env(lightdm-autologin:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > sudo[5576]: pam_env(sudo:setcred): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > sudo[5576]: pam_env(sudo:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > This happens with any variable. > But if you do > > source /usr/etc/environment > > then the variable works without problems Thanks for your feedback too. Your /usr/etc/environment file looks to be not well formatted to the pam_env library. Especially at the line 8 where it should miss the delimiter "=". Same, should it be possible to have the content of your /usr/etc/environment file please ?
(In reply to Valentin Lefebvre from comment #5) > (In reply to Dmitry Markov from comment #0) > > all environments in files /etc/environment.d/* & /etc/environment are > > ignored by the system. > > Hello, Thanks for your message. > > pam_env.so will only check environment variable in /etc/environment file not > in directory /etc/environment.d/*. If you want to use multiple environment > files you need to add the argument "envfile" in the line wher pam_env.so is > called in some pam configuration files. To knwo where pam_env is called you > can run the following command: > > `grep "pam_env" /usr/lib/pam.d/* /etc/pam.d/*` > > But it looks like your /etc/environment file is skipped. From my test, I > don't get any issue with that with Tumbleweed image. Could it be possible to > have the content of your file /etc/environment please ? > > > (In reply to Dead Mozay from comment #2) > > > kernel: with environment: > > > plymouthd[508]: 00:00:05.290 main.c:2017:initialize_environment : source built on May 22 2023 > > > plymouthd[990]: 00:00:08.299 main.c:2017:initialize_environment : source built on May 22 2023 > > > (systemd)[2073]: pam_env(systemd-user:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > lightdm[1996]: pam_env(lightdm-autologin:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > sudo[5576]: pam_env(sudo:setcred): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > sudo[5576]: pam_env(sudo:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > This happens with any variable. > > But if you do > > > source /usr/etc/environment > > > > then the variable works without problems > > Thanks for your feedback too. > > Your /usr/etc/environment file looks to be not well formatted to the pam_env > library. Especially at the line 8 where it should miss the delimiter "=". > Same, should it be possible to have the content of your /usr/etc/environment > file please ? Everything is fine with variables, if you execute source /usr/etc/environment, then the variable starts working without problems and errors. I used these variables long before the error appeared. After some update, the ENV="foobar" variant worked, only in normal quotes, ENV=' foobar' and ENV=foobar, etc. In addition, a non-working option breaks various units, for example, ssh stops working despite the fact that the variable does not concern it at all And it also seems that scripts from /etc/profile.d/* and /usr/etc/profile.d/* stopped working because of this
By the way, I checked in other distributions, there are no problems there.
(In reply to Valentin Lefebvre from comment #5) > (In reply to Dmitry Markov from comment #0) > > all environments in files /etc/environment.d/* & /etc/environment are > > ignored by the system. > > Hello, Thanks for your message. > > pam_env.so will only check environment variable in /etc/environment file not > in directory /etc/environment.d/*. If you want to use multiple environment > files you need to add the argument "envfile" in the line wher pam_env.so is > called in some pam configuration files. To knwo where pam_env is called you > can run the following command: > > `grep "pam_env" /usr/lib/pam.d/* /etc/pam.d/*` > > But it looks like your /etc/environment file is skipped. From my test, I > don't get any issue with that with Tumbleweed image. Could it be possible to > have the content of your file /etc/environment please ? > > > (In reply to Dead Mozay from comment #2) > > > kernel: with environment: > > > plymouthd[508]: 00:00:05.290 main.c:2017:initialize_environment : source built on May 22 2023 > > > plymouthd[990]: 00:00:08.299 main.c:2017:initialize_environment : source built on May 22 2023 > > > (systemd)[2073]: pam_env(systemd-user:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > lightdm[1996]: pam_env(lightdm-autologin:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > sudo[5576]: pam_env(sudo:setcred): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > sudo[5576]: pam_env(sudo:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > This happens with any variable. > > But if you do > > > source /usr/etc/environment > > > > then the variable works without problems > > Thanks for your feedback too. > > Your /usr/etc/environment file looks to be not well formatted to the pam_env > library. Especially at the line 8 where it should miss the delimiter "=". > Same, should it be possible to have the content of your /usr/etc/environment > file please ? [werwolf@work] ~ ❯ cat /etc/environment TEST_ENV="test" [werwolf@work] ~ ❯ echo $TEST_ENV [werwolf@work] ~ ❯ grep "pam_env" /usr/lib/pam.d/* /etc/pam.d/* /usr/lib/pam.d/common-auth:auth required pam_env.so /usr/lib/pam.d/common-session:session optional pam_env.so /usr/lib/pam.d/common-session-nonlogin:session optional pam_env.so /etc/pam.d/common-auth:auth required pam_env.so /etc/pam.d/common-auth-pc:auth required pam_env.so /etc/pam.d/common-session:session optional pam_env.so /etc/pam.d/common-session-nonlogin:session optional pam_env.so /etc/pam.d/common-session-nonlogin-pc:session optional pam_env.so /etc/pam.d/common-session-pc:session optional pam_env.so
(In reply to Dead Mozay from comment #6) > (In reply to Valentin Lefebvre from comment #5) > > (In reply to Dmitry Markov from comment #0) > > > all environments in files /etc/environment.d/* & /etc/environment are > > > ignored by the system. > > > > Hello, Thanks for your message. > > > > pam_env.so will only check environment variable in /etc/environment file not > > in directory /etc/environment.d/*. If you want to use multiple environment > > files you need to add the argument "envfile" in the line wher pam_env.so is > > called in some pam configuration files. To knwo where pam_env is called you > > can run the following command: > > > > `grep "pam_env" /usr/lib/pam.d/* /etc/pam.d/*` > > > > But it looks like your /etc/environment file is skipped. From my test, I > > don't get any issue with that with Tumbleweed image. Could it be possible to > > have the content of your file /etc/environment please ? > > > > > > (In reply to Dead Mozay from comment #2) > > > > kernel: with environment: > > > > plymouthd[508]: 00:00:05.290 main.c:2017:initialize_environment : source built on May 22 2023 > > > > plymouthd[990]: 00:00:08.299 main.c:2017:initialize_environment : source built on May 22 2023 > > > > (systemd)[2073]: pam_env(systemd-user:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > lightdm[1996]: pam_env(lightdm-autologin:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > sudo[5576]: pam_env(sudo:setcred): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > sudo[5576]: pam_env(sudo:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > > > This happens with any variable. > > > But if you do > > > > source /usr/etc/environment > > > > > > then the variable works without problems > > > > Thanks for your feedback too. > > > > Your /usr/etc/environment file looks to be not well formatted to the pam_env > > library. Especially at the line 8 where it should miss the delimiter "=". > > Same, should it be possible to have the content of your /usr/etc/environment > > file please ? > > Everything is fine with variables, if you execute source > /usr/etc/environment, then the variable starts working without problems and > errors. I used these variables long before the error appeared. After some > update, the ENV="foobar" variant worked, only in normal quotes, ENV=' > foobar' and ENV=foobar, etc. In addition, a non-working option breaks > various units, for example, ssh stops working despite the fact that the > variable does not concern it at all > > And it also seems that scripts from /etc/profile.d/* and > /usr/etc/profile.d/* stopped working because of this Thanks for this additional information. I understand your concern, but cannot reproduce your issue. Which version of pam do you use ? From your shared log, it shows "/usr/etc//environment line 8: Missing delimiter". Could it be possible to have the content of this line ? To understand why it is complying. Probably a package update it wrongly
(In reply to Valentin Lefebvre from comment #9) > (In reply to Dead Mozay from comment #6) > > (In reply to Valentin Lefebvre from comment #5) > > > (In reply to Dmitry Markov from comment #0) > > > > all environments in files /etc/environment.d/* & /etc/environment are > > > > ignored by the system. > > > > > > Hello, Thanks for your message. > > > > > > pam_env.so will only check environment variable in /etc/environment file not > > > in directory /etc/environment.d/*. If you want to use multiple environment > > > files you need to add the argument "envfile" in the line wher pam_env.so is > > > called in some pam configuration files. To knwo where pam_env is called you > > > can run the following command: > > > > > > `grep "pam_env" /usr/lib/pam.d/* /etc/pam.d/*` > > > > > > But it looks like your /etc/environment file is skipped. From my test, I > > > don't get any issue with that with Tumbleweed image. Could it be possible to > > > have the content of your file /etc/environment please ? > > > > > > > > > (In reply to Dead Mozay from comment #2) > > > > > kernel: with environment: > > > > > plymouthd[508]: 00:00:05.290 main.c:2017:initialize_environment : source built on May 22 2023 > > > > > plymouthd[990]: 00:00:08.299 main.c:2017:initialize_environment : source built on May 22 2023 > > > > > (systemd)[2073]: pam_env(systemd-user:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > > lightdm[1996]: pam_env(lightdm-autologin:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > > sudo[5576]: pam_env(sudo:setcred): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > > sudo[5576]: pam_env(sudo:session): Unable to read configuration file /usr/etc//environment line 8: Missing delimiter > > > > > > > > This happens with any variable. > > > > But if you do > > > > > source /usr/etc/environment > > > > > > > > then the variable works without problems > > > > > > Thanks for your feedback too. > > > > > > Your /usr/etc/environment file looks to be not well formatted to the pam_env > > > library. Especially at the line 8 where it should miss the delimiter "=". > > > Same, should it be possible to have the content of your /usr/etc/environment > > > file please ? > > > > Everything is fine with variables, if you execute source > > /usr/etc/environment, then the variable starts working without problems and > > errors. I used these variables long before the error appeared. After some > > update, the ENV="foobar" variant worked, only in normal quotes, ENV=' > > foobar' and ENV=foobar, etc. In addition, a non-working option breaks > > various units, for example, ssh stops working despite the fact that the > > variable does not concern it at all > > > > And it also seems that scripts from /etc/profile.d/* and > > /usr/etc/profile.d/* stopped working because of this > > Thanks for this additional information. I understand your concern, but > cannot reproduce your issue. Which version of pam do you use ? > From your shared log, it shows "/usr/etc//environment line 8: Missing > delimiter". Could it be possible to have the content of this line ? To > understand why it is complying. Probably a package update it wrongly pam version 1.5.3-1.3 I can’t show the line, there are private keys and API that the application then uses. And I described the syntax in previous messages, there is nothing unusual there line 8: Missing delimiter" seems to appear if you substitute env or export before the variable. By the way, scripts from /etc/profile.d also use export
(In reply to Dead Mozay from comment #10) > pam version 1.5.3-1.3 > I can’t show the line, there are private keys and API that the application > then uses. > And I described the syntax in previous messages, there is nothing unusual > there > > line 8: Missing delimiter" seems to appear if you substitute env or export > before the variable. By the way, scripts from /etc/profile.d also use export No problem. BTW, "source /usr/etc/environment" resulting in success doesn't mean variables are well formatted. Indeed, this file doesn't support the shell scripting and belongs to pam (Pluggable Authentication Modules). It differs of how we can export variables from script in /etc/profile.d. Furthermore, the error into your logs may appears if you put "export" before a pair variables into environment file. OR any others words at the beginning of a line before the key pairs. Are you sure to have only "KEY=VAL" into your /usr/etc/environment file? And not "export KEY=VAL" or "env KEY=VAL". I continue to investigate to understand how and why you may get this issue
I have the strange things with environments to: Adding to /usr/etc/environment this string: test_val=test but echo $test_val out nothing After rebooting it is starting to work, or after source /usr/etc/environment This is on fresh Tumbleweed rpm -qi pam Name : pam Version : 1.5.3 Release : 1.3 Architecture: x86_64
(In reply to Igor Kuznetsov from comment #12) > I have the strange things with environments to: > > Adding to /usr/etc/environment this string: > > test_val=test > > but echo $test_val out nothing > > After rebooting it is starting to work, or after source /usr/etc/environment > > This is on fresh Tumbleweed > > rpm -qi pam > Name : pam > Version : 1.5.3 > Release : 1.3 > Architecture: x86_64 Yes, that is the normal behavior. As I said in previous messages, /usr/etc/environment belongs to the module pam_env of PAM. Therefor, it will take effects by programs that use the module from the PAM stacks. Basically it uses by sshd, logind and some authentication process. So, if you edit the file, the environment will be set for next authentications: rebooting, login, ssh connection for examples. Nothing is strange here :)
(In reply to Dead Mozay from comment #7) > By the way, I checked in other distributions, there are no problems there. Can I have the list of distributions you have checked please ? Furthermore, do you still have the issue taking care about what I have explained on this comment: (In reply to Valentin Lefebvre from comment #11) > No problem. > BTW, "source /usr/etc/environment" resulting in success doesn't mean > variables are well formatted. Indeed, this file doesn't support the shell > scripting and belongs to pam (Pluggable Authentication Modules). It differs > of how we can export variables from script in /etc/profile.d. > > Furthermore, the error into your logs may appears if you put "export" before > a pair variables into environment file. OR any others words at the beginning > of a line before the key pairs. Are you sure to have only "KEY=VAL" into > your /usr/etc/environment file? And not "export KEY=VAL" or "env KEY=VAL". --- (In reply to Dead Mozay from comment #6) In addition, a non-working option breaks > various units, for example, ssh stops working despite the fact that the > variable does not concern it at all About this comment, this behavior is wanted. It is about security. pam_env, calling by process, will failed if a variable is not well formatted, no matter what process calls it.
I think we can close it, the problem went away with updates