Change the way we call su(1) in rcexec:

- drop `-'l' to prevent simulating a full login and running /root/.profile
(prodded by a mail from J Greely)
- use `-m' to preserve the environment because we now set HOME to "/" like
/etc/rc does; note that we now also clear the environment using `env -i' before
running su(1) which leaves us with only HOME, PATH and SHELL

Committing early to catch regressions fast, if any.
ok halex@

1 files changed, 2 insertions, 2 deletions

diff --git a/etc/rc.d/rc.subr b/etc/rc.d/rc.subr
index 6c2f69403a3..f5547aa7878 100644
--- a/etc/rc.d/rc.subr
+++ b/etc/rc.d/rc.subr
@@ -1,4 +1,4 @@
-#	$OpenBSD: rc.subr,v 1.127 2017/06/05 18:31:23 ajacoutot Exp $
+#	$OpenBSD: rc.subr,v 1.128 2018/10/16 07:07:05 ajacoutot Exp $
 #
 # Copyright (c) 2010, 2011, 2014-2017 Antoine Jacoutot <ajacoutot@openbsd.org>
 # Copyright (c) 2010, 2011 Ingo Schwarze <schwarze@openbsd.org>
@@ -317,6 +317,6 @@ fi
 readonly daemon_class
 unset _rcflags _rcrtable _rcuser _rctimeout
 pexp="${daemon}${daemon_flags:+ ${daemon_flags}}"
-rcexec="su -l -c ${daemon_class} -s /bin/sh ${daemon_user} -c"
+rcexec="env -i HOME=/ su -m -c ${daemon_class} -s /bin/sh ${daemon_user} -c"
 [ "${daemon_rtable}" -eq 0 ] ||
 	rcexec="route -T ${daemon_rtable} exec ${rcexec}"