diff --git a/debian/changelog b/debian/changelog
index a3ffa9b..f1d95ef 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ cm4all-lukko (0.29) unstable; urgency=low
 
   * obey the NO_PASSWORD=sftp translation packet
   * verify that the translation response has UID, GID and HOME
+  * set HOME and CHDIR only if not set by translation server
   * translation: add packet CHROOT
 
  --   
diff --git a/libcommon b/libcommon
index 3d11db2..3b5002f 160000
--- a/libcommon
+++ b/libcommon
@@ -1 +1 @@
-Subproject commit 3d11db22d1b8d308ef857f8e4184d291391bde52
+Subproject commit 3b5002f1eec590fa6df2aec31abd8765320db1f3
diff --git a/src/DelegateOpen.cxx b/src/DelegateOpen.cxx
index 2221d41..378e332 100644
--- a/src/DelegateOpen.cxx
+++ b/src/DelegateOpen.cxx
@@ -64,8 +64,8 @@ SpawnOpen(const Connection &ssh_connection)
 	   rootfs; minimalism! */
 	ssh_connection.PrepareChildProcess(p, close_fds, true);
 
-	if (const char *home = p.GetJailedHome())
-		p.chdir = home;
+	if (p.chdir == nullptr)
+		p.chdir = p.GetJailedHome();
 
 	p.control_fd = control_socket_for_child.ToFileDescriptor();
 
diff --git a/src/SessionChannel.cxx b/src/SessionChannel.cxx
index 16cb64b..355473c 100644
--- a/src/SessionChannel.cxx
+++ b/src/SessionChannel.cxx
@@ -213,10 +213,12 @@ SessionChannel::PrepareChildProcess(PreparedChildProcess &p,
 		stderr_pipe.Open(stderr_r.Release());
 	}
 
-	if (const char *home = p.GetJailedHome()) {
-		p.SetEnv("HOME", home);
-		p.chdir = home;
-	}
+	if (!p.HasEnv("HOME"sv))
+		if (const char *home = p.GetJailedHome())
+			p.SetEnv("HOME"sv, home);
+
+	if (p.chdir == nullptr)
+		p.chdir = p.GetJailedHome();
 }
 
 void