Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 23

Thread: Terminal Path Command - echo $PATH - What Do You Know About Your PATH?

  1. #11
    Join Date
    Mar 2010
    Location
    Austin - Texas
    Posts
    10,140
    Blog Entries
    48

    Smile Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    Wow, looks like we got a lot of good responses here. I think that we have started talking a lot about how to gain root permissions and not so much about your path. I would also like to clarify that there is only one root, but different ways to obtain root authority to execute certain commands. When we say take on the root environment, we must be including the path of root as well.

    The sudo command gives us the authority to run privileged commands, but does not by default give us the root environment.

    The su command also gives us the authority to run privileged commands and does by default provide us much of the root environment. Certainly su puts the /sbin folder in the path to run such commands as fdisk.

    Now since this thread is about the path, did you notice how the paths changed depending on how root access was being obtained? Did you also notice that the su command, used alone, had three folder paths, added at the end, that are all the same? In fact, the path /usr/sbin can appear more than once in a lot of places. I wonder why that might be true?

    When we talk about the root environment, what besides authority to run privileged commands, different paths and perhaps a different "home" folder do we get as root? Anyone up to the task to spell it all out? Look at the very detailed message we got from DenverD. That is what I want to see here.

    Thank You,
    My Blog: https://forums.opensuse.org/blogs/jdmcdaniel3/

    Software efficiency halves every 18 months, thus compensating for Moore's Law

    Its James again from Austin, Texas

  2. #12
    Join Date
    Jun 2008
    Location
    Earth - Denmark
    Posts
    10,730

    Default Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    gogalthorp wrote:
    > If you are confused on who you are you can do a *whoami* command


    LOL!

    --
    DenverD
    When it comes to chocolate, resistance is futile.
    CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]

  3. #13

    Default Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    Quote Originally Posted by jdmcdaniel3 View Post
    The su command also gives us the authority to run privileged commands and does by default provide us much of the root environment.
    well ... again, try the following:
    Code:
    su
    echo $USER
    and
    Code:
    su -l
    echo $USER
    Do you see a difference ?

    If you're still not convinced, try
    Code:
    su
    set > /tmp/env_user
    and
    Code:
    su -l
    set > /tmp/env_root
    then compare the files /tmp/env_user and /tmp/env_root
    Code:
     diff /tmp/env_user /tmp/env_root

  4. #14

    Default Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    Quote Originally Posted by DenverD View Post
    gogalthorp wrote:
    > If you are confused on who you are you can do a *whoami* command


    LOL!

    --
    DenverD
    When it comes to chocolate, resistance is futile.
    CAVEAT: C A V E A T [posted via NNTP w/openSUSE 10.3]
    Yep, that too.

  5. #15
    Join Date
    Jun 2008
    Location
    Earth - Denmark
    Posts
    10,730

    Default Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    jdmcdaniel3 wrote:
    > The su command also gives us the authority to run privileged commands
    > and does by default provide us much of the root environment.


    nope...if by "The su command" you mean, as yourself you type this in a
    terminal:

    Code:
    su
    that gives you NOT one little bit of the root environment as you stated..

    instead "su" alone leaves you with your own user environment...you
    have shown that to yourself already by posting the results of


    Code:
    su (su<enter> and echo $PATH<enter>)
    su - (su -<enter> and echo $PATH<enter>)
    "su" alone will always default to root powers *but* keep the
    environment of the user switched from, while "su -" (or "su -l" or "su
    --login") will always give you root powers AND root's environment..

    now, if you as a user, issue this:

    Code:
    su -
    you will MOVE from where ever you were to /root
    then, if you do this

    Code:
    su [your ID]
    you will revert to your user powers, but remain in /root and with
    root's environment..

    but if you as root enter:

    Code:
    su - [your ID]
    you will become you, with your powers and your environment...and, be
    back in your /home/[your ID]

    and, the same would happen if you did either of these also:

    Code:
    su -l [your ID]
    su --login
    see?

    --
    DenverD
    When it comes to chocolate, resistance is futile.
    CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]

  6. #16
    Join Date
    Mar 2010
    Location
    Austin - Texas
    Posts
    10,140
    Blog Entries
    48

    Smile Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    Now I seem to have some statements being made that are not true. That is, that the su command, by its self does not provide any of the root environment. But if you look at my path commands, it is changed when you use just su, as in particular, the /sbin path is present. Look at the Path listing for using su one more time.

    Code:
    su (su<enter> and echo $PATH<enter>)
    
    01) /usr/lib64/mpi/gcc/openmpi/bin
    02) /home/james/bin
    03) /usr/local/bin
    04) /usr/bin
    05) /sbin
    06) /bin
    07) /usr/bin/X11
    08) /usr/X11R6/bin
    09) /usr/games
    10) /opt/kde3/bin
    11) /usr/lib64/jvm/jre/bin
    12) /usr/sbin
    13) /usr/sbin
    14) /usr/sbin
    Also, lets talk about where the path command is being set. I find that as a user, you can change your path in the following two files if you wanted to. (~ = /home/yourname)

    ~/.bashrc
    ~/.profile

    I find that the path is being set for you in the following files where it is NOT recommended you make any changes:

    /etc/profile.d/profile.sh
    /etc/bash.bashrc
    /etc/profile

    Further, I found a suggestions that as root, you could create a file called:

    /etc/profile.local

    Which could be used to modify all paths in the system, added to those that exist for instance. Does any of this sound correct?

    Thank You,
    My Blog: https://forums.opensuse.org/blogs/jdmcdaniel3/

    Software efficiency halves every 18 months, thus compensating for Moore's Law

    Its James again from Austin, Texas

  7. #17
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    Incidentally the way su - (and ssh) cause the target user's environment to be initialised is, after changing uid to the target user, call the shell with -l, or by an older convention, pass a dash as the first character of argv[0], which normally contains the name (not the executable path) of the program. Either of these actions cause the shell to read some init files that are normally not when run as a non-login shell. And PATH is usually one of the things set in one of those config files. You can read all the gory details under INVOCATION in man bash. That by the way is where you should read to understand which initialisations go into which init file.

  8. #18

    Default Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    Quote Originally Posted by jdmcdaniel3 View Post
    Further, I found a suggestions that as root, you could create a file called:

    /etc/profile.local

    Which could be used to modify all paths in the system, added to those that exist for instance. Does any of this sound correct?
    Yes, that's what I do too. Be aware that it is only sourced in login shells, as ken_yap just explained.

    Here's an example of redefining PATH in /etc/profile.local:

    Code:
    localbase=/usr/local
    
    pathmunge () {
        if ! echo $PATH | /bin/egrep -q "(^|:)$1($|:)" ; then
    	if [ -d $1 ] ; then	
       	    if [ "$2" = "after" ] ; then
            	PATH=$PATH:$1
           	    else
            	PATH=$1:$PATH
    	    fi
           fi
        fi
    }
    
    # make path more comfortable
    
    pathmunge	$localbase/bat
    pathmunge	$HOME/bin
    
    if grep -q "wheel.*$USER" /etc/group ; then
    pathmunge	/usr/sbin after
    pathmunge	/sbin after
    pathmunge	/usr/local/sbin after
    fi

  9. #19
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,254
    Blog Entries
    2

    Default Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    First, I'd like to say how cool this thread is.

    Since installing 11.3, I'd noticed little things about not finding myself in the expected directory location when su, sudo and logging in as root and this thread goes a long ways towards answering those mysteries. I don't remember these types of issues in 11.1 and earlier, has something changed and if so when? The only thing that looks familiar is in post #16 re suggested use creating a profile.local if you want to make any PATH changes persistent.

    I'm also disappointed that if implementing sudo instead of su (or su root) is supposed to be a significant security measure that it only requires an explicit path to access the /sbin/ folder and possibly other locations which you might want off limits. Is there a permissions issue beyond the scope of this thread (covering only $PATH)?

    Hoping I'm not getting too off -thread, I did a quick lookup of "su vs sudo" and the Wikipedia entry says that the file /etc/sudoers determines the environment and permissions of sudo. Inspecting that file on my default 11.3, unless I'm missing something although the environment is an alias of the ordinary user, the permissions are absolutely no different than root.

    So, what then really is the security advantage of using sudo instead of su?

    Thx,
    Tony

  10. #20
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Terminal Path Command - echo $PATH - What Do You Know About YourPATH?

    Quote Originally Posted by tsu2 View Post
    I'm also disappointed that if implementing sudo instead of su (or su root) is supposed to be a significant security measure that it only requires an explicit path to access the /sbin/ folder and possibly other locations which you might want off limits. Is there a permissions issue beyond the scope of this thread (covering only $PATH)?
    Putting programs in /sbin or /usr/sbin is not a security measure. Programs still do their own checking that your uid is really 0. You can run all the programs you like in /sbin or /usr/sbin as yourself and it will not get you any enhanced privileges.

    The segregation is more to do with classification of a program as an admin tool or not. But some distros choose to add /sbin and /usr/sbin to normal users' paths so that sudo fdisk -l works as expected.

Page 2 of 3 FirstFirst 123 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •