1

I have a strange issue where sudo is not preserving the PATH by default. I tried the answers from this question and it works when I use the sudo env "PATH=$PATH" version but I want to fix this permanently.

Here's my PATH as regular user and under sudo:

$ echo $PATH
/usr/local/bin:/bin:/usr/bin:/opt/jdk/bin:/opt/python3/bin:/opt/qt5/bin
$ sudo printenv | grep 'PATH'
PATH=/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc

I tried sudo -E and sudo "PATH=$PATH but they don't work either. sudo env "PATH=$PATH" works but I have to type it every time run sudo. I want to avoid doing that every time I run sudo.

I'm not sure where sudo is picking up this path from. I don't have secure_path hard-coded or env_reset in /etc/sudoers. Hence this is not a duplicate of this question.

Any ideas what is going on and how to fix this? I would prefer not create aliases or hard-code the secure_path.

Edit:

As requested, the output of sudo -l:

$ sudo -l
User munir may run the following commands on munir-lfs:
    (ALL) NOPASSWD: ALL
Community
  • 1
Munir
  • 3,222
  • 13
  • 27
  • 1
    What does `sudo -l` report? – muru Nov 04 '16 at 04:06
  • @muru Added that to the question – Munir Nov 04 '16 at 13:07
  • @ThomasDickey I have already seen that question and it is linked in the first paragraph of my question but it is not a permanent solution. Like I have already mentioned in the question, I want this to be fixed without having to do `sudo env "PATH=$PATH`. Basically I want the PATH under sudo to be the same as the users PATH, always. – Munir Nov 04 '16 at 14:06
  • There's more than one solution offered there, some are permanent. – Thomas Dickey Nov 04 '16 at 14:11
  • @ThomasDickey I tried all...none of them worked. I wouldn't be asking this question otherwise. I don't want to hard-code the `secure_path` unless as a last resort. – Munir Nov 04 '16 at 14:12
  • @Munir it would be a security hole to preserve the `PATH`. You can overwrite it (with `secure_path`) but you shouldn't really be looking to preserve it. – roaima Nov 04 '16 at 14:22
  • @roaima I am the only user on the system, and it is really irritating that software I have installed under `/usr/local/bin` and `/opt` doesn't work because `sudo` can't find it. My current PATH without `sudo` is the system PATH from `/etc/profile`. So, it is really surprising that `sudo` is not using that but creating it's own PATH. – Munir Nov 04 '16 at 14:27
  • @Munir remove the `secure_path` definition and then check `sudo -V`. On my system here this preserves `PATH` (and can be verified as doing so). – roaima Nov 04 '16 at 14:42
  • @roaima I don't have a `secure_path` defined, which is why I am confused that the PATH is different under `sudo`. My current `/etc/sudoers` has only two lines which are not commented out: `root ALL=(ALL) ALL %sudo ALL=(ALL) NOPASSWD: ALL` – Munir Nov 04 '16 at 15:02
  • Which section does `sudo -V` have `PATH` listed in? – roaima Nov 04 '16 at 15:11
  • You can get more info on sudo's builtin config from `sudo sudo -V`. You might try adding a sudoers entry to override any builtin options: `Defaults:munir !secure_path, env_keep+="PATH"`. Make sure you have a root shell somewhere to reover with first. – meuh Nov 04 '16 at 15:53
  • @roaima PATH is under Environment variables to preserve. I guess I'll just define a `secure_path` since this question has been (incorrectly) closed. – Munir Nov 04 '16 at 22:52
  • @Munir it's on its way to being reopened. (Slowly.) If I get to write an answer I'll see if I can determine the necessary settings to allow `PATH` to carry through. I achieved it on my test system here so it's clearly possible. – roaima Nov 04 '16 at 23:56
  • @roaima Thanks...i defined a `secure_path` and it works as expected. But if you have an alternate would be interested in knowing it. Let's wait for this to reopen. – Munir Nov 05 '16 at 00:20
  • @roaima post is reopened – muru Nov 15 '16 at 06:06

0 Answers0