On Mon, Nov 12, 2012 at 12:25:51PM -0500, Adam wrote: > dragorn wrote: > >On Mon, Nov 12, 2012 at 12:06:58AM -0500, Adam wrote: > >>I ran across a strange inconsistency today. What should > >> > >> su -l -c 'echo $PATH' > >> > >>return when run by an ordinary user (who happens to know the root > >>password) at the bash prompt? Under Mandriva and CentOS it returns > >>the user's path, but under Debian it returns root's path. I don't > >>understand the inconsistency or which response is correct, but that > >>would seem to make some shell scripts non-portable. > >Sudo can be configured to pass or filter environment variables. This > >may be an artifact of that. > > Thanks for your very informative reply! It just seems strange to me > that the same command (even if unlikely and unsafe) should produce > different yet successful results under different distros.
Single quotes would get the root shell path, double would get the executing users path and has nothing to do w/ sudo (as jack noted). Sudo can filter path or pass it, depending on the configuration, so you might get user path in root shell b/c sudo didn't filter it out, or you might get root path in root shell b/c sudo DID filter it out. Or, depending on how you do it, you might get user + root, if roots bashrc (or your shell equivalent) executes AND the user path is passed. Sudo by default filters most/all environment variables, because it can be a huge security risk. Massively so if you have a multiuser system which uses restricted sudo to allow users to perform specific tasks (vs a single-user system like an ubuntu desktop which uses sudo to raise privs of the single owner) --
signature.asc
Description: Digital signature
_______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) Vassar College Dec 5 - SysAdmin Panel Jan 9 - High Performance Computing Feb 6 - February Meeting
