From 66e9a376191b8bdbdadd15000c1777399bb38d14 Mon Sep 17 00:00:00 2001
From: ajacoutot <>
Date: Tue, 16 Oct 2018 07:07:05 +0000
Subject: [PATCH] Change the way we call su(1) in rcexec: - drop `-'l' to
 prevent simulating a full login and running /root/.profile (prodded by a mail
 from J Greely) - use `-m' to preserve the environment because we now set HOME
 to "/" like /etc/rc does; note that we now also clear the environment using
 `env -i' before running su(1) which leaves us with only HOME, PATH and SHELL

Committing early to catch regressions fast, if any.
ok halex@
---
 src/etc/rc.d/rc.subr | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/etc/rc.d/rc.subr b/src/etc/rc.d/rc.subr
index 6c2f6940..f5547aa7 100644
--- a/src/etc/rc.d/rc.subr
+++ b/src/etc/rc.d/rc.subr
@@ -1,4 +1,4 @@
-#	$OpenBSD: rc.subr,v 1.127 2017/06/05 18:31:23 ajacoutot Exp $
+#	$OpenBSD: rc.subr,v 1.128 2018/10/16 07:07:05 ajacoutot Exp $
 #
 # Copyright (c) 2010, 2011, 2014-2017 Antoine Jacoutot <ajacoutot@openbsd.org>
 # Copyright (c) 2010, 2011 Ingo Schwarze <schwarze@openbsd.org>
@@ -317,6 +317,6 @@ fi
 readonly daemon_class
 unset _rcflags _rcrtable _rcuser _rctimeout
 pexp="${daemon}${daemon_flags:+ ${daemon_flags}}"
-rcexec="su -l -c ${daemon_class} -s /bin/sh ${daemon_user} -c"
+rcexec="env -i HOME=/ su -m -c ${daemon_class} -s /bin/sh ${daemon_user} -c"
 [ "${daemon_rtable}" -eq 0 ] ||
 	rcexec="route -T ${daemon_rtable} exec ${rcexec}"