Comment 4 for bug 1791691

#!/bin/sh
if [ -z "$PATH" ]
then
 echo PATH=/snap/bin
else
 echo PATH=$PATH:/snap/bin
fi

is the more correct minimal implementation. Note that for the case of no-path set (initrmafs-less boot, lxd boot) the PATH environment variable is not set yet; but can be prepended or expanded.

E.g. echo PATH=\$PATH:/snap/bin; is also a valid case for empty $PATH

however, output of PATH=:/snap/bin, is not. as that clears PATH, does not cause PATH expansion and injects PWD into PATH which is a security vulnerability typically.

Test case:

   # PATH= /usr/lib/systemd/system-environment-generators/snapd-env-generator
   PATH=:/snap/bin

... is bad

   # PATH= /usr/lib/systemd/system-environment-generators/snapd-env-generator
   PATH=/snap/bin

... is good