Discussion:
Patching the default PATH of `su`
Leo Famulari
2018-04-05 16:37:12 UTC
Permalink
In the man page of su(1), it says this:

------
The current environment is passed to the new shell. The value of $PATH is reset to
/bin:/usr/bin for normal users, or /sbin:/bin:/usr/sbin:/usr/bin for the superuser.
This may be changed with the ENV_PATH and ENV_SUPATH definitions in /etc/login.defs.
------

This means that `su leo` or `sudo su` give a broken environment on
GuixSD. You have to use `su --login` instead.

Should we use our own values for ENV_PATH and ENV_SUPATH so that this
works out of the box?
Ludovic Courtès
2018-04-06 08:01:57 UTC
Permalink
Hello,
Post by Leo Famulari
------
The current environment is passed to the new shell. The value of $PATH is reset to
/bin:/usr/bin for normal users, or /sbin:/bin:/usr/sbin:/usr/bin for the superuser.
This may be changed with the ENV_PATH and ENV_SUPATH definitions in /etc/login.defs.
------
This means that `su leo` or `sudo su` give a broken environment on
GuixSD. You have to use `su --login` instead.
Should we use our own values for ENV_PATH and ENV_SUPATH so that this
works out of the box?
Probably, yes. It would be good to check how this affects
mingetty/login, sshd, etc.

Note that libc also has its own default PATH value in <paths.h>:

/* Default search path. */
#define _PATH_DEFPATH "/usr/bin:/bin"
/* All standard utilities path. */
#define _PATH_STDPATH \
"/usr/bin:/bin:/usr/sbin:/sbin"

Does ‘su’ rely on this? In a future rebuild cycle we could change these
values, but /run/current-system/bin wouldn’t work on foreign distros, so
it’s not clear there’s much to gain.

Thanks,
Ludo’.
Leo Famulari
2018-04-06 12:39:26 UTC
Permalink
Post by Ludovic Courtès
Probably, yes. It would be good to check how this affects
mingetty/login, sshd, etc.
Okay. I can test the change.
Post by Ludovic Courtès
/* Default search path. */
#define _PATH_DEFPATH "/usr/bin:/bin"
/* All standard utilities path. */
#define _PATH_STDPATH \
"/usr/bin:/bin:/usr/sbin:/sbin"
Does ‘su’ rely on this? In a future rebuild cycle we could change these
values, but /run/current-system/bin wouldn’t work on foreign distros, so
it’s not clear there’s much to gain.
I don't think `su` uses this, but I'll find out. As you say, it wouldn't
help much on foreign distros. I think the situation with `su` is
different, since it seems inconvenient to use our `su` on a foreign
distro, because it needs to be setuid.

Loading...