- Thread: How is root’s PATH set?
- How is root’s PATH set?
- Re: How is root’s PATH set?
- Re: How is root’s PATH set?
- Re: How is root’s PATH set?
- Re: How is root’s PATH set?
- Re: How is root’s PATH set?
- Setting the PATH so it applies to all users, including root/sudo
- 2 Answers 2
- How-To get root directory of given path in bash?
- 7 Answers 7
- Why does sudo change the PATH?
- 17 Answers 17
- update
- Adding a Directory to the Path
- Contents:
- Executive Summary
- Disclaimer
- Pre and Post Pathing
- Adding to a Single User’s Path
- Adding to All Users’ Paths (except root)
- Adding to the Path of User root
- Summary
Thread: How is root’s PATH set?
Thread Tools
Display
How is root’s PATH set?
Notice the two PATH’s differ. I did manage to discover that `sudo su`s PATH is dependent on /etc/environment, so there is little mystery there.
However, I can’t seem to find how /usr/X11R6/bin is being added to the PATH when `sudo -i` is run.
I’ve tried grepping for ‘usr/X11R6/bin’ in /etc, /usr, and /root, but didn’t find anything illuminating.
Does anyone know how root’s PATH gets set when `sudo -i` is run?
Re: How is root’s PATH set?
You shouldn’t modify it directly, but you can modify it’s usage by setting it in root’s or your own .bash_profile.
Example of /home/myusername/.bash_profile
if .bash_profile doesn’t exist, simply create it and copy/paste the example in.
In the above example, we modify the $PATH to include itself, the path to /home/myusername/bin, and the path to /whatever/bin, where we assume the previous two are extra directories containing programs and scripts we would like to call.
the difference between .bashrc and .bash_profile is that .bash_profile is run once you log in. .bashrc is run everytime you open a new terminal, as well as when .bash_profile is run as in the above example.
Re: How is root’s PATH set?
with su you are basically root, but your own environmental variables are «preserved».
And your environmental variables are merged with that of root’s.
On the other hand is «true» root access. None of your variables are carried over and only the root Defaults remain.
And as for the added directory in your $PATH list, well. It’s nothing, it’s just a symlink that points to /usr/bin. Most probably kept for compatibility with old root access softwares.
Re: How is root’s PATH set?
$PATH and other variables are something used a lot by bash and shell interpreters, even when you do not see them.
Ubuntu doesn’t actually use bash, but it uses a derivative called dash, which is just a slimmed down version. Look for online bash and dash tutorials to learn more.
Re: How is root’s PATH set?
According to su manual its $PATH is controlled by /etc/login.defs
Last edited by pauper; July 30th, 2008 at 03:54 AM .
«Si peccasse negamus, fallimur,
Et nulla est in nobis veritas—«
Re: How is root’s PATH set?
Thank you all for the information!
I think I was under the delusion that `sudo -i` would read some file or script in /etc (like /etc/environment) to set root’s PATH.
Yes, now I see from /usr/share/doc/sudo/OPTIONS that the X11R6 path is hard-coded into Ubuntu’s version of sudo.
In case this may be of use to others who wander into this thread, here are some other interesting differences I’ve found while comparing various sudo command’s resultant env’s:
I tried «sudo -i», «sudo -s», «sudo bash», and «sudo su», and ran
env > env-
[1] PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
probably set by /etc/environment
[2] PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin
Last edited by unutbu; July 30th, 2008 at 12:16 PM .
Источник
Setting the PATH so it applies to all users, including root/sudo
The instructions in How do I set PATH variables for all users on a server? work to set the PATH for all ‘normal’ users. However, if I do sudo -s and then printenv PATH the updated path is not shown. I’ve taken a look at for example Setting TeX Live path for root, but this does not seem to make sense to me, perhaps as I’m from a Windows background. Is there any way to set the truly system-wide path, such that the entries are inherited by absolutely every process running on the system?
2 Answers 2
Update:
Setting global environment variables should still be performed in /etc/environment , but as you pointed out, using sudo -s has the effect of these variables are «vanished».
The reason for that is sudo has a policy of resetting the Environment and setting a secure path. It is enabled by default:
Thus whatever is set in the /etc/environment for the path is overridden by sudo .
The manual page for sudoers states:
As a workaround, you can use sudo su that will provide a shell with root privileges but containing the right PATH.
Original Answer
You should set it in /etc/environment .
Try sudo YOUR_TEXT_EDITOR /etc/environment (make sure to create a backup first).
System-wide environment variables
Environment variable settings that affect the system as a whole (rather then just a particular user) should not be placed in any of the many system-level scripts that get executed when the system or the desktop session are loaded, but into
/etc/environment — This file is specifically meant for system-wide environment variable settings. It is not a script file, but rather consists of assignment expressions, one per line. Specifically, this file stores the system-wide locale and path settings.
/etc/profile — This file gets executed whenever a bash login shell is entered (e.g. when logging in from the console or over ssh), as well as by the DisplayManager when the desktop session loads. This is probably the file you will get referred to when asking veteran UNIX system administrators about environment variables. In Ubuntu, however, this file does little more then invoke the /etc/bash.bashrc file.
/etc/bash.bashrc — This is the system-wide version of the
/.bashrc file. Ubuntu is configured by default to execute this file whenever a user enters a shell or the desktop environment.
Источник
How-To get root directory of given path in bash?
And now I want to get first folder of «$PATH»: /home/
How can I always detect the first folder like the example above? «dirname $PATH» just returns «/home/user/example/foo/».
Thanks in advance! 🙂
7 Answers 7
I’ve found a solution:
This returns always the first directory. In this example it would return following:
Thanks to @condorwasabi for his idea with awk! 🙂
If PATH always has an absolute form you can do tricks like
However I should also add to that that it’s better to use other variables and not to use PATH as it would alter your search directories for binary files, unless you really intend to.
Also you can opt to convert your path to absolute form through readlink -f or readlink -m :
You can also refer to my function getabspath.
You can try this awk command:
At this point basedirectory will be the string home Then you write:
To get the first firectory:
PS: Never use PATH variable in your script as it will overrider default PATH and you script won’t be able to execute many system utilities
EDIT: Probably this should work for you:
Easy to tweak the regex.
Outputs the following.
To get the first directory component of VAR:
So, if VAR=»/path/to/foo» , this returns /path/ .
$
$
If you can guarantee that your paths are well formed this is a convenient method. It won’t work well for some paths, such as //path/to/foo or path/to/foo , but you can handle such cases by breaking down the strings further.
Источник
Why does sudo change the PATH?
This is the PATH variable without sudo:
This is the PATH variable with sudo:
As far as I can tell, sudo is supposed to leave PATH untouched. What’s going on? How do I change this? (This is on Ubuntu 8.04).
UPDATE: as far as I can see, none of the scripts started as root change PATH in any way.
To prevent command spoofing, sudo checks «.» and «» (both denoting current directory) last when searching for a command in the user’s PATH (if one or both are in the PATH). Note, however, that the actual PATH environment variable is not modified and is passed unchanged to the program that sudo executes.
17 Answers 17
This is an annoying function a feature of sudo on many distributions.
To work around this «problem» on ubuntu I do the following in my
Note the above will work for commands that don’t reset the $PATH themselves. However `su’ resets it’s $PATH so you must use -p to tell it not to. I.E.:
In case someone else runs accross this and wants to just disable all path variable changing for all users.
Access your sudoers file by using the command: visudo . You should see the following line somewhere:
which you should add the following on the next line
secure_path is enabled by default. This option specifies what to make $PATH when sudoing. The exclamation mark disables the feature.
PATH is an environment variable, and as such is by default reset by sudo.
You need special permissions to be permitted to do this.
An Example of usage:
update
So may need to check that this is/is not compiled in.
It is by default in Gentoo
Looks like this bug has been around for quite a while! Here are some bug references you may find helpful (and may want to subscribe to / vote up, hint, hint. ):
It seems that Bug#20996 is still present in this version of sudo. The changelog says that it can be overridden at runtime but I haven’t yet discovered how.
They mention putting something like this in your sudoers file:
but when I do that in Ubuntu 8.10 at least, it gives me this error:
Worse still, as far as I can tell, it is impossible to respecify secure_path in the sudoers file. So if, for example, you want to offer your users easy access to something under /opt, you must recompile sudo.
Yes. There needs to be a way to override this «feature» without having to recompile. Nothing worse then security bigots telling you what’s best for your environment and then not giving you a way to turn it off.
This is really annoying. It might be wise to keep current behavior by default for security reasons, but there should be a way of overriding it other than recompiling from source code! Many people ARE in need of PATH inheritance. I wonder why no maintainers look into it, which seems easy to come up with an acceptable solution.
I worked around it like this:
then create a file /usr/bin/sudo containing the following:
then your regular sudo works just like the non secure-path sudo
Given that a duplicate of this bug was originally filed in July 2006, I’m not clear how long an ineffectual env_keep has been in operation. Whatever the merits of forcing users to employ tricks such as that listed above, surely the man pages for sudo and sudoers should reflect the fact that options to modify the PATH are effectively redundant.
Modifying documentation to reflect actual execution is non destabilising and very helpful.
I need to be able to run sudo with additional non-std binary folders in the PATH. Having already added my requirements to /etc/environment I was surprised when I got errors about missing commands when running them under sudo.
I tried the following to fix this without sucess:
Using the » sudo -E » option — did not work. My existing PATH was still reset by sudo
Changing » Defaults env_reset » to » Defaults !env_reset » in /etc/sudoers — also did not work (even when combined with sudo -E)
Uncommenting env_reset (e.g. » #Defaults env_reset «) in /etc/sudoers — also did not work.
Adding ‘ Defaults env_keep += «PATH» ‘ to /etc/sudoers — also did not work.
Clearly — despite the man documentation — sudo is completely hardcoded regarding PATH and does not allow any flexibility regarding retaining the users PATH. Very annoying as I can’t run non-default software under root permissions using sudo.
Источник
Adding a Directory to the Path
[ Linux Library | Troubleshooters.Com | Email Steve Litt | Copyright Notice ]
Contents:
Executive Summary
Disclaimer
Pre and Post Pathing
Linux determines the executable search path with the $PATH environment variable. To add directory /data/myscripts to the beginning of the $PATH environment variable, use the following:
To add that directory to the end of the path, use the following command:
But the preceding are not sufficient because when you set an environment variable inside a script, that change is effective only within the script. There are only two ways around this limitation:
- If, within the script, you export the environment variable it is effective within any programs called by the script. Note that it is not effective within the program that called the script.
- If the program that calls the script does so by inclusion instead of calling, any environment changes in the script are effective within the calling program. Such inclusion can be done with the dot command or the source command. Examples:
. $HOME/myscript.sh
source $HOME/myscript.sh
Inclusion basically incorporates the «called» script in the «calling» script. It’s like a #include in C. So it’s effective inside the «calling» script or program. But of course, it’s not effective in any programs or scripts called by the calling program. To make it effective all the way down the call chain, you must follow the setting of the environment variable with an export command.
As an example, the bash shell program incorporates the contents of file .bash_profile by inclusion. So putting the following 2 lines in .bash_profile:
effectively puts those 2 lines of code in the bash program. So within bash the $PATH variable includes $HOME/myscript.sh, and because of the export statement, any programs called by bash have the altered $PATH variable. And because any programs you run from a bash prompt are called by bash, the new path is in force for anything you run from the bash prompt.
The bottom line is that to add a new directory to the path, you must append or prepend the directory to the $PATH environment variable within a script included in the shell, and you must export the $PATH environnment variable. The only remaining question is: In which script do you place those two lines of code?
Adding to a Single User’s Path
To add a directory to the path of a single user, place the lines in that user’s .bash_profile file. Typically, .bash_profile already contains changes to the $PATH variable and also contains an export statement, so you can simply add the desired directory to the end or beginning of the existing statement that changes the $PATH variable. However, if .bash_profile doesn’t contain the path changing code, simply add the following two lines to the end of the .bash_profile file:
Adding to All Users’ Paths (except root)
You globally set a path in /etc/profile. That setting is global for all users except user root. Typical /etc/profile files extensively modify the $PATH variable, and then export that variable. What that means is you can modify the path by appending or prepending the desired directory(s) in existing statements modifying the path. Or, you can add your own path modification statements anywhere before the existing export statement. In the very unlikely event that there are no path modification or export statements in /etc/profile, you can insert the following 2 lines of code at the bottom of /etc/profile:
Adding to the Path of User root
Summary
Place that code, or whatever part of that code isn’t already incorporated, in one of the following places:
Источник
