On Thu, Sep 4, 2008 at 6:53 PM, Alberto <[EMAIL PROTECTED]> wrote: > Ricapitolo un po tutto: > > i PATH sono questi > > $ echo $PATH > /usr/local/bin:/usr/bin:/bin:/usr/games:/opt/schily/bin > > $ su > # echo $PATH > /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/schily/bin > > $ su - > # echo $PATH > /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin > > $ su -l > # echo $PATH > /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin > > > Adesso incominciamo con sudo > > $ sudo echo $PATH > /usr/local/bin:/usr/bin:/bin:/usr/games:/opt/schily/bin > > $ sudo env | grep PATH > PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin > > $ sudo su - > [EMAIL PROTECTED]:~# clogout (premo un qualsiasi tasto è mi fa logout) > > > > On Thu, Sep 4, 2008 at 2:51 PM, Micky Del Favero <[EMAIL PROTECTED]> wrote: >> [ Rispondo in lista, mi pare più corretto nei confronti di chi legge la >> discussione ] >> >> Alberto <[EMAIL PROTECTED]> writes: >> >>>> $ sudo su - >>>> # env | grep PATH >>>> >>>> e vedi il path corretto. >>> >>> # env | grep PATH >>> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin >> >> allora devi indagare su come vengono assegnati i path a PATH per root, > > Questo credo di averlo capito: > > $ cat /etc/profile > # /etc/profile: system-wide .profile file for the Bourne shell (sh(1)) > # and Bourne compatible shells (bash(1), ksh(1), ash(1), ...). > > if [ "`id -u`" -eq 0 ]; then > PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" > else > PATH="/usr/local/bin:/usr/bin:/bin:/usr/games" > fi > > if [ "$PS1" ]; then > if [ "$BASH" ]; then > PS1='[EMAIL PROTECTED]:\w\$ ' > else > if [ "`id -u`" -eq 0 ]; then > PS1='# ' > else > PS1='$ ' > fi > fi > fi > > export PATH > > umask 022 > > >> AFAIK su - significa carica l'enviromente come si facesse login, ma da >> man su leggo che: >> >> -, -l, --login >> Provide an environment similar to what the user would expect had >> the user logged in directly. >> >> When - is used, it must be specified as the last su option. The >> other forms (-l and --login) do not have this restriction. >> >> potrebbe essere quel similar l'inghippo. > > Personalmente credo che sia colpa del PATH che sudo si assegna. > Di default la mia debian partiva con > > Default env_reset > > e il manuale di sudoers mi dice che con questa impostazione resetta > l'enviroment in modo da contenere solo HOME, LOGNAME, PATH, SHELL, > TERM, USER (oltre a SUDO_* ) > > Inoltre mi dice che di default, anche se non chiamati esplicitamente, > env_keep tiene delle variabili che è possibile sapere con > > #sudo -V > > # sudo -V > Sudo version 1.6.9p17 > > Sudoers path: /etc/sudoers > Authentication methods: 'pam' > Syslog facility if syslog is being used for logging: authpriv > Syslog priority to use when user authenticates successfully: notice > Syslog priority to use when user authenticates unsuccessfully: alert > Send mail if the user is not in sudoers > Lecture user the first time they run sudo > Require users to authenticate by default > Root may run sudo > Allow some information gathering to give useful error messages > Require fully-qualified hostnames in the sudoers file > Visudo will honor the EDITOR environment variable > Set the LOGNAME and USER environment variables > Length at which to wrap log file lines (0 for no wrap): 80 > Authentication timestamp timeout: 15 minutes > Password prompt timeout: 0 minutes > Number of tries to enter a password: 3 > Umask to use or 0777 to use user's: 022 > Path to mail program: /usr/sbin/sendmail > Flags for mail program: -t > Address to send mail to: root > Subject line for mail messages: *** SECURITY information for %h *** > Incorrect password message: Sorry, try again. > Path to authentication timestamp dir: /var/run/sudo > Default password prompt: [sudo] password for %p: > Default user to run commands as: root > Path to the editor for use by visudo: /usr/bin/editor > When to require a password for 'list' pseudocommand: any > When to require a password for 'verify' pseudocommand: all > File containing dummy exec functions: /usr/lib/sudo/sudo_noexec.so > Reset the environment to a default set of variables > Environment variables to check for sanity: > TERM > LINGUAS > LC_* > LANGUAGE > LANG > COLORTERM > Environment variables to remove: > RUBYOPT > RUBYLIB > PYTHONINSPECT > PYTHONPATH > PYTHONHOME > TMPPREFIX > ZDOTDIR > READNULLCMD > NULLCMD > FPATH > PERL5DB > PERL5OPT > PERL5LIB > PERLLIB > PERLIO_DEBUG > JAVA_TOOL_OPTIONS > SHELLOPTS > GLOBIGNORE > PS4 > BASH_ENV > ENV > TERMCAP > TERMPATH > TERMINFO_DIRS > TERMINFO > _RLD* > LD_* > PATH_LOCALE > NLSPATH > HOSTALIASES > RES_OPTIONS > LOCALDOMAIN > PS4 > SHELLOPTS > CDPATH > IFS > Environment variables to preserve: > XAUTHORIZATION > XAUTHORITY > TZ > PS2 > PS1 > PATH > MAIL > LS_COLORS > KRB5CCNAME > HOSTNAME > HOME > DISPLAY > COLORS > Local IP address and netmask pairs: > 192.168.1.100 / 255.255.255.0 > fe80::215:f2ff:feb1:3464 / ffff:ffff:ffff:ffff:: > > > E PATH è mantenuto di default, quindi aggiungere > Default env_kepp += "PATH" > è inutile > > Allora perché cambia? > > Credo che la colpa sia di: > > If sudo was compiled with the SECURE_PATH option, its value will be > used for the PATH environment variable. This flag is on by default. > > Ma non ne sono sicuro, qualcuno è in grado di chiarirmi il punto
Forse la risposta è in man sudo Note, however, that the PATH environment variable is further modified in Debian because of the use of the SECURE_PATH build option. Sapete come risolvere? > grazie > AG > >>>> Provato con >>>> >>>> Defaults env_reset >>>> Defaults env_keep += "PATH" >>>> >>>> potrebbe essere che il path venga cancellato visto che env_reset: >>> >>> provato ed ecco i risultati: >>> $ sudo env | grep PATH >>> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin >>> >>> $ sudo su - >>> # >> >> bo, a sto punto non saprei aiutarti. >> >> Ciao, Micky >> -- >> UNIX is basically a simple operating system, but you have to >> be a genius to understand the simplicity. -- Dennis Ritchie >> > -- Per REVOCARE l'iscrizione alla lista, inviare un email a [EMAIL PROTECTED] con oggetto "unsubscribe". Per problemi inviare un email in INGLESE a [EMAIL PROTECTED] To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
