On Wednesday 05 April 2006 11:18, Jon LaBadie wrote: >On Wed, Apr 05, 2006 at 10:20:59AM -0400, Gene Heskett wrote: >> Greetings; >> >> I've been trying to help Anne Wilson setup a working amanda system >> at her place for over a week now, and having all sorts of troubles >> that were triggered by the amanda executables not being in the user >> amanda's environmental path when she actually logs in as amanda, as >> opposed to doing an 'su amanda' from root, which of course gets you >> the full maryann of roots $PATH. Thats why when she sent me an >> example of the command she was useing, it was always after cd'ing to >> the amanda src tree and doing "./amcheck" or whatever, otherwise she >> was getting not found messages. >> >> This was found by "su - amanda" means here, and its a huge gotcha >> for the unwary. Seemingly un-necessary paranoia to me, but... >> >> When doing it as amanda, with amanda's full $PATH, /usr/local/sbin, >> where all of amanda's executables live, is NOT in the $PATH. >> >> Adding it to ~/.bash_profile seems to allow it to survive the >> pathmunge'ing being done in /etc/profile, so I'm A) confused as to >> why it does, and B) in any event, is there a good reason to >> dis-allow access to /usr/local/sbin for the normal user? >> >> Explain it to me please. > ><anything>/"s"bin is supposed to contain programs of interest to >"systems accounts", not to ordinary users. Thus they would not >be in an ordinary users PATH by default because those users would >not look to execute them.
So thats why its called Sbin. I always thought it was supposed to be Scriptbin in the *nix lingo. >amanda, I feel, is a systems account and should include the "sbin's". >At least /usr/local/sbin. Not 100% certain that /sbin, /usr/sbin, >and /usr/X11R6/sbin are needed. I agree there 100% >There are oddities, like Sun's wisdom says "ping" is a systems >program, of no interest to ordinary users, and thus is in /usr/sbin. >I don't think I know any *nix users who haven't run ping. > >su "user" (no dash) retains the current environment but gets the >"user"s /etc/passwd specified shell but does no login type processing. >With the dash that shell processes profiles and rc scripts as if it >were a login shell. Which is what Anne was being, a good little lady and logging in as amanda from a login shell. I say little but don't know. From what I've gleaned, she's somewhere between the two of us in age. But, from the way I mentally processed the path, and I did in a message to Anne, /etc/profile specifically removes /usr/local/sbin from the path if the user has a non-zero uid. It did not do that when I had added it to /home/amanda/.bash_profile because I'd thrown some echo $PATH's into /etc/profile just to check, so when it survived the "su - amanda", I was scratching my head. Does that not reset the root uid first to that of "amanda"? But I've too sleepy to trace that back for the second time today. -- Cheers, Gene People having trouble with vz bouncing email to me should add the word 'online' between the 'verizon', and the dot which bypasses vz's stupid bounce rules. I do use spamassassin too. :-) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
