Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Help me understand sudo $PATH weirdness.

  1. #1

    Default Help me understand sudo $PATH weirdness.

    Hello. I'm trying to understand how sudo works, but I am having trouble understanding some details.

    As I understand it when I run "sudo <command>", the command is basically executed with a whitewashed version of my environment variables (including $PATH), but with root permissions. That also seems to be how it works. For example, I don't have /sbin in my $PATH, so executing sudo ifconfig (ifconfig being located in /sbin/ifconfig) gives me:
    Code:
    $ sudo ifconfig
    sudo: ifconfig: command not found
    This I understand and is no problem. The proper way to do this is like so:
    Code:
    $ sudo -i ifconfig
    eth0 [lots of output]
    My confusion basically comes from what happens when I try inspecting what the $PATH actually is when running sudo. For example my path is:
    Code:
    $ env | grep ^PATH=
    PATH=/usr/lib64/mpi/gcc/openmpi/bin:/home/qbd/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib64/jvm/jre/bin
    And with sudo I get:
    Code:
    $ sudo env | grep ^PATH=
    PATH=/usr/sbin:/bin:/usr/bin:/sbin
    Also I can try looking for ifconfig using which. Without sudo, which (correctly) does not find it:
    Code:
    which ifconfig
    which: no ifconfig in (/usr/lib64/mpi/gcc/openmpi/bin:/home/qbd/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib64/jvm/jre/bin)
    But with sudo which indicates that ifconfig can be found:
    Code:
    $ sudo which ifconfig
    /sbin/ifconfig
    But recall that ifconfig won't actually be found using just sudo.

    So basically my question is why env and which seem to indicate that the path includes /sbin when running sudo, but in actuality it does not (sudo correctly inherits my $PATH as far as I can tell). Is there a good explanation for this behaviour?

  2. #2

    Default Re: Help me understand sudo $PATH weirdness.

    Okay so I have a theory about what's happening. It seems to me like sudo is correctly inheriting my $PATH, but any application run by sudo (like sh, env, which, etc.) does not inherit my $PATH but rather that of root, which does have /sbin in it's $PATH. I was assuming that an application would see the environment variables of whatever environment that launched it, but that seems not to be the case when using sudo. Does my puzzled-penguin attempt at an explanation make sense?

  3. #3
    Join Date
    Aug 2008
    Location
    Seattle, WA
    Posts
    1,376

    Default Re: Help me understand sudo $PATH weirdness.

    Your guess is right, typing the command with sudo you're still in the user environment. The command will be executed in the superuser/root environment. If this seems counter-intuitive, use "su -" instead. From this you'll be in the root environment with full root access.

  4. #4
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Help me understand sudo $PATH weirdness.

    The command is searched using your $PATH, but the command inherits a $PATH which is cut down. That's why sudo can find commands which are in your ~/bin. Try:

    Code:
    ln -s /usr/bin/env ~/bin/environment
    sudo environment
    Assuming you have ~/bin on your $PATH of course.

  5. #5

    Default Re: Help me understand sudo $PATH weirdness.

    Thanks for the replies .

    ken_yap, I've already checked that ~/bin is indeed being searched by sudo. However my observation is that the command launched by sudo does not inherit a cut down version of my path, but rather a cut down version of root's path. So commands are being searched for using my path, but launched with root's path.

    After some searching I see that I'm definitiely not the only one that's been confused by this . But at least I can somewhat understand it if commands launched by sudo inherit root's environment, not mine.

  6. #6
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Help me understand sudo $PATH weirdness.

    Quote Originally Posted by Quantumboredom View Post
    However my observation is that the command launched by sudo does not inherit a cut down version of my path, but rather a cut down version of root's path.
    Sure, that's the way it's supposed to work.

  7. #7
    Join Date
    Jan 2009
    Location
    Switzerland
    Posts
    1,529

    Default Re: Help me understand sudo $PATH weirdness.

    In contrast to sudo "su -c" is completely different. It will execute as root but with your users path

    Code:
    su -c 'set | grep ^PATH= && set | grep UID'
    Technology is 'stuff that doesn't work yet.' -- Bran Ferren

  8. #8

    Default Re: Help me understand sudo $PATH weirdness.

    Okay, so it seems /sbin and /usr/sbin gets added to my path by su:
    Code:
    [qbd@linux-x8ou ~]$ su -c env | grep ^PATH
    Password: 
    PATH=/usr/lib64/mpi/gcc/openmpi/bin:/home/qbd/bin:/usr/local/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib64/jvm/jre/bin
    [qbd@linux-x8ou ~]$ env | grep ^PATH
    PATH=/usr/lib64/mpi/gcc/openmpi/bin:/home/qbd/bin:/usr/local/bin:/usr/bin                :/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib64/jvm/jre/bin
    And su -c finds commands in /sbin like ifconfig etc.

    The man page for su is extremely short and doesn't really explain what's happening. In this context it looks like su -c does what alot of people actually want sudo to do, i.e. use the users path but add /sbin and /usr/sbin. It does however change/remove alot of other environment variables. Is there some more documentation for OpenSUSE's su implementation available somewhere?

  9. #9
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Help me understand sudo $PATH weirdness.

    info coreutils

    There is no "openSUSE implementation". It is just compiled from the upstream source pacakge.

  10. #10
    Join Date
    Jun 2008
    Location
    Earth - Denmark
    Posts
    10,730

    Default Re: Help me understand sudo $PATH weirdness.

    On 08/21/2011 09:26 AM, Quantumboredom wrote:

    > But at least I can somewhat understand it if
    > commands launched by sudo inherit root's environment, not mine.


    that is not what happens...try this:

    while logged in as yourself, open a new instance of a terminal and run
    these (give the root password when requested):

    [code]
    echo $PATH
    sudo echo $PATH
    su
    echo $path
    su -
    echo $PATH
    [code]

    and compare the resulting paths..

    the first two paths should be identical, because sudo keeps the
    environment of the user, but allows some root powers (as set in sudoer

    the path obtained by "su" will be different from the first two..

    and the results of the "su -" path will be different from the first
    three, and as it will be the only path not mentioning /home/[your
    userID] it is the only one showing root's true path (as root's
    environment doesn't include /home)

    hence, if you read how to become root in a terminal
    <http://tinyurl.com/ydbwssh> it will say to always use "su -" (and, it
    does not say to use sudo or su because neither of those allow you to
    become root--do some root stuff yes, but not become root.)

    yes, i know other distros use "su" and "sudo" a lot...and, some of those
    distros make it almost impossible to become root....why? ask them...i
    don't understand their reasoning..

    --
    DD Caveat
    openSUSE®, the "German Engineered Automobile" of operating systems!

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •