Results 1 to 10 of 10

Thread: sudo ignoring PATH env var

  1. #1

    Default sudo ignoring PATH env var

    I assume there is a thread dealing with this problem, however I am unable to locate it. Apologies in advance. The same problem can be found in the following link although no real explanation is given. https://features.opensuse.org/310406

    Problem:
    I have noticed while using sudo that the subshell is unable to locate /sbin programs even though running "sudo env" seems to indicate that the PATH variable used contains /sbin. What is the reason for this behavior? Any coherent explanation would be greatly appreciated.

    Here is the "sudo env" output for reference:
    Code:
    TERM=xterm
    LANG=en_US.UTF-8
    LC_CTYPE=en_US.UTF-8
    COLORTERM=xfce4-terminal
    SHELL=/bin/bash
    MAIL=/var/mail/root
    LOGNAME=root
    USER=root
    USERNAME=root
    HOME=/root
    PATH=/usr/bin:/bin:/usr/sbin:/sbin
    SUDO_COMMAND=/usr/bin/env
    SUDO_USER=sinisha
    SUDO_UID=1000
    SUDO_GID=100

  2. #2

    Default Re: sudo ignoring PATH env var

    Quote Originally Posted by skyhunter View Post
    Problem:
    I have noticed while using sudo that the subshell is unable to locate /sbin programs even though running "sudo env" seems to indicate that the PATH variable used contains /sbin. What is the reason for this behavior? Any coherent explanation would be greatly appreciated.
    sudo uses the user's path by default I think, not root's, and /sbin and /usr/sbin are _not_ in a user's path by default. Add them to your user's path, and sudo should find programs there.
    ("sudo env" will list root's environment of course... )

    But in fact /sbin and /usr/sbin have been added to sudo's path in Factory recently now.
    See also:
    https://bugzilla.novell.com/show_bug.cgi?id=864115
    https://build.opensuse.org/request/show/213957
    Last edited by wolfi323; 26-Aug-2014 at 00:03.

  3. #3
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,721

    Default Re: sudo ignoring PATH env var

    Better use
    Code:
    su -
    Henk van Velden

  4. #4

    Default Re: sudo ignoring PATH env var

    Quote Originally Posted by hcvv View Post
    Better use
    Code:
    su -
    Why?

    This might be inconvinient depending on the use-case.
    E.g. sudo remembers the root password for 5 minutes, and it can be configured to not need a password at all (even for only certain commands if wanted).

  5. #5
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,721

    Default Re: sudo ignoring PATH env var

    Quote Originally Posted by wolfi323 View Post
    Why?

    This might be inconvinient depending on the use-case.
    E.g. sudo remembers the root password for 5 minutes, and it can be configured to not need a password at all (even for only certain commands if wanted).
    My interpretation, reading his posst, was that the OP did not (want) to configure sudo. And as the default sudo configuration is the same as
    Code:
    su -
    why bother to use sudo?

    And when you think that remembering the password is important, as long as you are loged in as root using
    Code:
    su -
    you do not need to re-type the root password either.

    As KDE user, you can also use System > Terminal > Konsole (as root) from Kmenu. It offers you an su - session. And you can give it e.g. a different background colour from the "normal" Konsole sessions, so that you are warned using it.
    Henk van Velden

  6. #6

    Default Re: sudo ignoring PATH env var

    Quote Originally Posted by hcvv View Post
    My interpretation, reading his posst, was that the OP did not (want) to configure sudo.
    We do not know that.

    And as the default sudo configuration is the same as
    Code:
    su -
    why bother to use sudo?
    But why bother to use "su -", if you rather want to use "sudo"?

    And it is not true that the default sudo configuration is the same as "su -".
    Yes, both give you root rights after entering the root password (on openSUSE that is).
    But in addition to the above, e.g. the resulting environment in which programs are run is (completely) different.

    And when you think that remembering the password is important, as long as you are loged in as root using
    Code:
    su -
    you do not need to re-type the root password either.
    But what about using it in scripts, especially more than once?
    For "su - -c xxx" you would have to type in the password each time, or run the complete script as root which might not be wanted either.

    As KDE user, you can also use System > Terminal > Konsole (as root) from Kmenu. It offers you an su - session. And you can give it e.g. a different background colour from the "normal" Konsole sessions, so that you are warned using it.
    That's true of course.

    Please note that I do not want to say that one shouldn't use "su -" instead, but it is _not_ exactly the same.
    And IMHO your reply also suggested that one should not use "sudo" at all but rather "su -", which is not true really.
    Last edited by wolfi323; 26-Aug-2014 at 01:55.

  7. #7
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,721

    Default Re: sudo ignoring PATH env var

    I only "advised" the OP to use su -. Then he gets what he wants (and IMHO needs for the majority of cases) a root process with root's environment.

    My advice was based on the assessment of the OP's field of knowledge.
    Henk van Velden

  8. #8

    Default Re: sudo ignoring PATH env var

    Quote Originally Posted by hcvv View Post
    I only "advised" the OP to use su -. Then he gets what he wants (and IMHO needs for the majority of cases) a root process with root's environment.
    Right.
    But it was you that critizised me for advising to use "zypper up" once, because it is not the same as using "zypper patch" or YaST->Online Update.
    This case is similar...

    And the OP specifically asked about sudo. The question was not only (or not at all) what to do about it, but rather _why_ it is this way.

    Anyway, you're right that "su -" should probably work as well (the OP shall decide whether he wants that or not).
    And in 13.2 sudo will have /sbin and /usr/sbin in the path.

    Adding /sbin/ and /usr/sbin to the user's path should fix the "problem" in 13.1 though, or adding this to /etc/sudoers as the factory submit does:
    Code:
    Defaults secure_path="/usr/sbin:/usr/bin:/sbin:/bin"

  9. #9

    Default Re: sudo ignoring PATH env var

    Quote Originally Posted by wolfi323 View Post
    Right.
    But it was you that critizised me for advising to use "zypper up" once, because it is not the same as using "zypper patch" or YaST->Online Update.
    This case is similar...

    And the OP specifically asked about sudo. The question was not only (or not at all) what to do about it, but rather _why_ it is this way.

    Anyway, you're right that "su -" should probably work as well (the OP shall decide whether he wants that or not).
    And in 13.2 sudo will have /sbin and /usr/sbin in the path.

    Adding /sbin/ and /usr/sbin to the user's path should fix the "problem" in 13.1 though, or adding this to /etc/sudoers as the factory submit does:
    Code:
    Defaults secure_path="/usr/sbin:/usr/bin:/sbin:/bin"
    Thank you for the answer. You were extremely helpful. I now realize that sudo resets the environment variables only to provide a clean environment for running the program. It still uses the users PATH to look up programs. This can however be modified by using the secure_path option as stated above.

  10. #10
    Join Date
    Nov 2009
    Location
    West Virginia Sector 13
    Posts
    15,580

    Default Re: sudo ignoring PATH env var

    I never use sudo I always use su - but then I never have ran Ubuntu either. Be default openSUSE's sudo does not operate like Ubuntu's sudo though it can be made to. In openSUSE sudo is like using su (without the dash). That gives you root credentials but user environment (for the most part) With su or sudo you can still run the commands you just have to give the full path to them.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •