#!/bin/sh
if [ -z "$PATH" ]
then
echo PATH=/snap/bin
else
echo PATH=$PATH:/snap/bin
fi
is the more correct minimal implementation. Note that for the case of
no-path set (initrmafs-less boot, lxd boot) the PATH environment
variable is not set yet; but can be prepended or expanded.
E.g. echo PATH=\$PATH:/snap/bin; is also a valid case for empty $PATH
however, output of PATH=:/snap/bin, is not. as that clears PATH, does
not cause PATH expansion and injects PWD into PATH which is a security
vulnerability typically.
Test case:
# PATH= /usr/lib/systemd/system-environment-generators/snapd-env-generator
PATH=:/snap/bin
... is bad
# PATH= /usr/lib/systemd/system-environment-generators/snapd-env-generator
PATH=/snap/bin
... is good
** Also affects: snapd (Ubuntu Cosmic)
Importance: Critical
Status: New
** Also affects: snapd (Ubuntu Bionic)
Importance: Undecided
Status: New
** Tags added: block-proposed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1791691
Title:
PATH broken in systemd units
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-images/+bug/1791691/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
