WSL-Hello-sudo
WSL-Hello-sudo copied to clipboard
Any idea why on WSL2 PAM modules are not loaded on login (for example pam_env)?
I noticed that on WSL2 /etc/environment
is not getting parsed even though Linux-PAM seems to be configured correctly. If I execute sudo login
the /etc/environment
is parsed. So it seems like there is something missing / wrong about how WSL handles the distribution.
Am I missing something obvious? Asking here because it seems like you know how to get Linux-PAM to properly work with WSL2.
Related:
- https://github.com/microsoft/WSL/issues/1405
- https://github.com/linux-pam/linux-pam/issues/481
Here's a workaround to start WSL in PAM session from Windows Terminal:
~/.bashrc
...
# wsl login shell
if [ -n "$_WSL_PREV_PATH" ]; then
export PATH="$_WSL_PREV_PATH"
unset _WSL_PREV_PATH
fi
if [ -n "$_WSL_PREV_PWD" ]; then
cd "$_WSL_PREV_PWD"
unset _WSL_PREV_PWD
fi
...
~/.local/bin/wsl-login
#!/bin/bash
export _WSL_PREV_PATH="$PATH"
export _WSL_PREV_PWD="$PWD"
exec sudo -E "$HOME/.local/sbin/wsl-login-helper"
~/.local/sbin/wsl-login-helper
#!/bin/bash
if [ $(id -u) = 0 ]; then
user="$SUDO_USER"
unset "${!SUDO_@}"
exec login -p -f "$user"
fi
/etc/sudoers.d/wsl-login-helper
<username> ALL=(ALL) NOPASSWD:SETENV: /home/<username>/.local/sbin/wsl-login-helper
command line setting in Windows Terminal
C:\Windows\system32\wsl.exe -d Debian --shell-type login wsl-login