2

I have a strange issue where sudo is not preserving the PATH by default. I tried the answers from this question and it works when I use the sudo env "PATH=$PATH" version but I want to fix this permanently.

Here's my PATH as regular user and under sudo:

$ echo $PATH
/usr/local/bin:/bin:/usr/bin:/opt/jdk/bin:/opt/python3/bin:/opt/qt5/bin
$ sudo printenv | grep 'PATH'
PATH=/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc

I tried sudo -E and sudo "PATH=$PATH but they don't work either. sudo env "PATH=$PATH" works but I have to type it every time run sudo. I want to avoid doing that every time I run sudo.

I'm not sure where sudo is picking up this path from. I don't have secure_path hard-coded or env_reset in /etc/sudoers. Hence this is not a duplicate of this question.

Any ideas what is going on and how to fix this? I would prefer not create aliases or hard-code the secure_path.

Edit:

As requested, the output of sudo -l:

$ sudo -l
User munir may run the following commands on munir-lfs:
    (ALL) NOPASSWD: ALL
Community
  • 1
Munir
  • 3,332
  • 1
    What does sudo -l report? – muru Nov 04 '16 at 04:06
  • @muru Added that to the question – Munir Nov 04 '16 at 13:07
  • @ThomasDickey I have already seen that question and it is linked in the first paragraph of my question but it is not a permanent solution. Like I have already mentioned in the question, I want this to be fixed without having to do sudo env "PATH=$PATH. Basically I want the PATH under sudo to be the same as the users PATH, always. – Munir Nov 04 '16 at 14:06
  • There's more than one solution offered there, some are permanent. – Thomas Dickey Nov 04 '16 at 14:11
  • @ThomasDickey I tried all...none of them worked. I wouldn't be asking this question otherwise. I don't want to hard-code the secure_path unless as a last resort. – Munir Nov 04 '16 at 14:12
  • @Munir it would be a security hole to preserve the PATH. You can overwrite it (with secure_path) but you shouldn't really be looking to preserve it. – Chris Davies Nov 04 '16 at 14:22
  • @roaima I am the only user on the system, and it is really irritating that software I have installed under /usr/local/bin and /opt doesn't work because sudo can't find it. My current PATH without sudo is the system PATH from /etc/profile. So, it is really surprising that sudo is not using that but creating it's own PATH. – Munir Nov 04 '16 at 14:27
  • @Munir remove the secure_path definition and then check sudo -V. On my system here this preserves PATH (and can be verified as doing so). – Chris Davies Nov 04 '16 at 14:42
  • @roaima I don't have a secure_path defined, which is why I am confused that the PATH is different under sudo. My current /etc/sudoers has only two lines which are not commented out: root ALL=(ALL) ALL %sudo ALL=(ALL) NOPASSWD: ALL – Munir Nov 04 '16 at 15:02
  • Which section does sudo -V have PATH listed in? – Chris Davies Nov 04 '16 at 15:11
  • You can get more info on sudo's builtin config from sudo sudo -V. You might try adding a sudoers entry to override any builtin options: Defaults:munir !secure_path, env_keep+="PATH". Make sure you have a root shell somewhere to reover with first. – meuh Nov 04 '16 at 15:53
  • @roaima PATH is under Environment variables to preserve. I guess I'll just define a secure_path since this question has been (incorrectly) closed. – Munir Nov 04 '16 at 22:52
  • @Munir it's on its way to being reopened. (Slowly.) If I get to write an answer I'll see if I can determine the necessary settings to allow PATH to carry through. I achieved it on my test system here so it's clearly possible. – Chris Davies Nov 04 '16 at 23:56
  • @roaima Thanks...i defined a secure_path and it works as expected. But if you have an alternate would be interested in knowing it. Let's wait for this to reopen. – Munir Nov 05 '16 at 00:20
  • @roaima post is reopened – muru Nov 15 '16 at 06:06

0 Answers0