Ubuntu

hardy sudo path is always reset

Reported by sibidiba on 2008-02-17
58
This bug affects 8 people
Affects Status Importance Assigned to Milestone
sudo
Fix Released
Unknown
sudo (Fedora)
Fix Released
Unknown
sudo (Ubuntu)
Wishlist
Unassigned

Bug Description

Binary package hint: sudo

According to /usr/share/doc/sudo/OPTIONS, sudo is bulit with

--with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin"

This is basically ok, but you should be able to change the default PATH for sudo.

I tried in sudoers:

Defaults env_reset
Defaults env_keep="HOME"

and

Defaults !env_reset

But PATH is always reset to the configured one.

Martin Pitt (pitti) wrote :

You can change $PATH for one command with a little trick:

  $ sudo PATH=$PATH sh -c 'echo $PATH'

to use the user's $PATH. You can set it to anything else, too.

However, I agree that it would be nice to provide a sudoers configuration variable to change the default.

Changed in sudo:
importance: Undecided → Wishlist
status: New → Triaged
Changed in sudo:
status: Unknown → In Progress
Changed in sudo:
status: In Progress → Fix Released
paul.carey (paul-p-carey) wrote :

Given that a duplicate of this bug was originally filed in July 2006, I'm not clear how long an ineffectual env_keep has been in operation. Whatever the merits of forcing users to employ tricks such as that listed above, surely the man pages for sudo and sudoers should reflect the fact that options to modify the PATH are effectively redundant.

Modifying documentation to reflect actual execution is non destabilising and very helpful.

Mikel Ward (mikelward) wrote :

The suggested workaround breaks sudo -s.

It would be nice if sudo worked properly without touching my PATH. If I wanted it to touch PATH, I'd use su - (or sudo su -).

Mikel Ward (mikelward) wrote :

What exactly are we trying to accomplish with --with-secure-path?

Can't we get the same functionality with env_reset and -D_PATH_DEFPATH?

Jeff Schroeder (sejeff) wrote :

The Fedora bug I linked is fixed if you use the new package. Simply merging sudo 1.7.0 solves this bug.

Changed in sudo (Fedora):
status: Unknown → Confirmed
Changed in sudo (Fedora):
status: Confirmed → Fix Committed
Martin Pitt (pitti) wrote :

Comment from upstream:

This feature is already present in sudo 1.7, which is currently in
beta. The "secure_path" sudoers option can be used to set the PATH.

1.7 is in Karmic now, closing.

Changed in sudo (Ubuntu):
status: Triaged → Fix Released
Changed in sudo (Fedora):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.