@@ -22,8 +22,12 @@ const std::string jai_defaults = # (or in $JAI_CONFIG_DIR, if set). However, jai works best if the # storage directory is not on NFS. If your home directory is on NFS, # use a `storage` directive to specify a local storage location. +# Environment variables named in ${...} will be substituted. The +# storage directory will automatically be organized into per-sandbox +# subdirectories, so most configurations should use the sandbox +# location. -# storage /some/local/directory +# storage /some/local/directory/${JAI_USER}/.jai # The default mode is strict for all named jails and casual for the # default jail. A strict jail runs under the dedicated jai UID and @@ -93,20 +97,9 @@ mask .zsh_history # commands in a particular config file, you can use setenv to reverse # the effects of unsetenv. -unsetenv AZURE_CLIENT_ID -unsetenv AZURE_TENANT_ID -unsetenv DATABASE_URL -unsetenv MONGO_URI -unsetenv MONGODB_URI -unsetenv REDIS_URL -unsetenv GOOGLE_APPLICATION_CREDENTIALS -unsetenv KUBECONFIG -unsetenv BB_AUTH_STRING -unsetenv SENTRY_DSN -unsetenv SLACK_WEBHOOK_URL unsetenv *_ACCESS_KEY -unsetenv *_API_KEY unsetenv *_APIKEY +unsetenv *_API_KEY unsetenv *_AUTH unsetenv *_AUTH_TOKEN unsetenv *_CONNECTION_STRING 
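Review bot: The new storage example `# storage /some/local/directory/${JAI_USER}/.jai` does not say what a `${...}` reference expands to when the named variable is unset or empty, and for a storage path that is the case that matters: if an unset variable presumably expands to nothing, the example silently collapses to `/some/local/directory//.jai`, a directory shared by every user rather than a per-user one. Suggest stating the rule next to the new substitution sentence, e.g. `# A variable that is unset expands to the empty string; check the resulting path.` (or "is a configuration error", whichever the implementation does). The phrase "most configurations should use the sandbox location" is also ambiguous; if it means that the per-sandbox subdirectory jai creates is sufficient and only the user level needs to be supplied, saying that explicitly would help. The second hunk in this line is an ordering change of the unsetenv list and needs no comment.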
@@ -123,6 +116,32 @@ unsetenv *_SOCK unsetenv *_SOCKET unsetenv *_SOCKET_PATH unsetenv *_TOKEN +unsetenv AZURE_CLIENT_ID +unsetenv AZURE_TENANT_ID +unsetenv BB_AUTH_STRING +unsetenv DATABASE_URL +unsetenv GOOGLE_APPLICATION_CREDENTIALS +unsetenv KUBECONFIG +unsetenv MAIL +unsetenv MONGODB_URI +unsetenv MONGO_URI +unsetenv REDIS_URL +unsetenv SENTRY_DSN +unsetenv SLACK_WEBHOOK_URL + +# The following environment variables get set in sandboxes. You can +# substitute existing environment variables (before any +# unsetenv/setenv have been applied) by including them in ${...}. Two +# additional environment variables will be set that you can reference: +# +# ${JAI_NAME} - the name of the sandbox +# ${JAI_USER} - the outside user invoking the sandbox +# +# (Note JAI_MODE is set in the sandbox's enfironment but not available +# during configuration, since it can change during configuration.) + +setenv USER=${JAI_USER} +setenv LOGNAME=${JAI_USER} )"; extern const std::string default_conf =
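Review bot: `enfironment` in the new JAI_MODE note should read `environment`. The same paragraph states that `${...}` substitution reads the environment before any unsetenv/setenv has been applied, which, if I read it correctly, means a `setenv` line can carry a value into the sandbox even when a later `unsetenv` pattern removes the source variable; since this block is the documented reason for the unsetenv list, one sentence making that explicit would help users reason about what the scrubbing covers, e.g. `# Values copied with ${...} are kept even if the source variable is removed by unsetenv.`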
@@ -101,6 +101,13 @@ Config::init_credentials() shell_ = pw->pw_shell; untrusted_cred_ = user_cred_ = Credentials::get_user(pw); + setenv("JAI_NAME", sandbox_name_.c_str(), 1); + setenv("JAI_USER", user_.c_str(), 1); + + // HOME may incorrectly be root's when using su/sudo + if (realuid == 0 && pw->pw_uid != 0) + setenv_.emplace("HOME", std::format("HOME={}", pw->pw_dir)); + if (PwEnt u = PwEnt::get_nam(kUntrustedUser)) { if (u->pw_uid && !strcmp(u->pw_gecos, kUntrustedGecos) && !strcmp(u->pw_dir, "/")) @@ -805,7 +812,6 @@ try { argv = const_cast<char **>(bashcmd.data()); } - setenv("JAI_NAME", sandbox_name_.c_str(), 1); setenv("JAI_MODE", mode_ == kStrict ? "strict" : mode_ == kBare ? "bare"
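Review bot: The two new `setenv("JAI_NAME", ...)` and `setenv("JAI_USER", ...)` calls in init_credentials() discard the return value; the defaults file now substitutes `${JAI_USER}` into the storage path, so a failed setenv would presumably surface later as an empty path component rather than as an error here. Consider checking it, e.g. `if (setenv("JAI_USER", user_.c_str(), 1) != 0) throw std::system_error(errno, std::generic_category(), "setenv JAI_USER");`, using whatever error path this function already has (the `try {` context of the second hunk suggests exceptions are in use). Moving the JAI_NAME export from the later hunk into init_credentials() also means `sandbox_name_` and `user_` must already be populated at this point; if they are not, an empty string is exported, which is worth a comment or an assert. The HOME fix uses `setenv_.emplace`, which will not replace an existing "HOME" entry, so its effect depends on whether config-provided setenv lines are recorded before or after this call; I cannot tell from the hunk. init_credentials() continues past the hunk, and the second hunk is the matching deletion and needs no comment.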