On Sun, Jul 14, 2019 at 09:29:55AM +0300, Andrei POPESCU wrote: > What's the point of preserving the environment, but resetting PATH?
It assumes you trust yourself, and that you did not intentionally sabotage your own environment. The changes that you, the owner and administrator of your computer, have made to your environment for your own convenience and efficiency, should be preserved when you "su". Examples of that include user interface customizations to the pager that you use for reading man pages, which is something that *I* do pretty often when I'm su-ed to root. Maybe you've memorized all of the options for a program you only use once a year. I haven't. Changing PATH is also for efficiency and convenience. There's a bunch of stuff that you only use when you're root, and most of it's in /sbin and /usr/sbin. So you only want those directories added to your PATH when you're root. You *could* run around with PATH=/usr/local/sbin:/usr/local/bin:.... all day long, but that's slightly less efficient when your shell has to look up a new command's location. The implementation of su in stretch-and-earlier is the best of all worlds. You get PATH set correctly before and after, you get to keep all of your customized environment settings like $PAGER and $LESS, and it doesn't change your working directory in the middle of your workflow. What are the replacement choices? * "su -" throws away your custom environment AND changes your working directory. * "sudo -i" throws away your custom environment AND changes your working directory. * "sudo -s" throws away most of your custom environment (unless configured in a non-default way). * Putting /usr/local/sbin (et al.) in your regular PATH and using "su" lets you keep your custom environment and your working directory, at the cost of inefficiency when you're not root. This may be extremely difficult with some Display Managers. * Putting ALWAYS_SET_PATH yes in /etc/login.defs lets you keep your customized enviornment and your working directory, without imposing an extra cost when you're not root. Objectively, the last one is the best choice, but I have *just* enough inertia that I don't really want to do that... so I've settled for sudo -s. For now, anyway. I reserve the right to change my mind and do something else if I get sufficiently annoyed. On a purely selfish and practical note, the *main* thing that I care about in my customized environment, when I'm root, is one environment variable: LESS=-X. I utterly *hate* it when I read a man page, find the section I need, get it positioned exactly right on the screen, "q" to quit, and then... the manual vanishes from the screen. That's utterly spiteful. I need that man page to STAY VISIBLE so I can apply the information in it while I'm typing my next command. It seems that inside a screen session, "man foo" acts as if I had LESS=-X in my environment, even when I don't. So, one more reason that "sudo -s" is acceptable to me, right now, is that I can live without that piece of my customized environment, as long as I'm inside screen.