[Bug 720181] New: sudo -i unsets $DISPLAY - but manpage says it doesn't
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c0 Summary: sudo -i unsets $DISPLAY - but manpage says it doesn't Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: x86-64 OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: vcizek@suse.com ReportedBy: suse-beta@cboltz.de QAContact: qa@suse.de CC: puzel@suse.com Found By: Beta-Customer Blocker: ---
From man sudo(8):
-i [command] [...] It also initializes the environment, leaving DISPLAY and TERM unchanged, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ setting HOME, MAIL, SHELL, USER, LOGNAME, and PATH, as well as the contents of /etc/environment on Linux and AIX systems. All other environment variables are removed. That's the theory. Now see what happens in practise: # env |grep DISPLAY DISPLAY=:0 # sudo -i env | grep DISPLAY root's password: # (nothing) This might be an openSUSE only problem - John Johansen told me that Sudo 1.7.4p6 on Ubuntu keeps the DISPLAY env variable. Yes, the version he uses is newer than what 11.4 has, but the upstream sudo changelog doesn't include anything that would match this bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c1
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c2
--- Comment #2 from Christian Boltz
bug in man page. Keeping DISPLAY alone won't work anyways. You also need to handle display cookies etc.
I'm not sure about that ;-) I stumbled over this because aa-notify didn't display any notifications when started with sudo, and calling it with sudo DISPLAY="$DISPLAY" HOME="$HOME" aa-notify -p (which hands over the user's $DISPLAY and $HOME) works... For the records: - aa-notify uses /usr/bin/notify-send which uses DBUS. - you'll need the latest packages from security:apparmor:factory (or chmod 750 /var/log/audit/) if you want to test it - aa-notify was buggy in 11.4 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c3
Vitezslav Cizek
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c4
Martin Konold
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c5
--- Comment #5 from Vitezslav Cizek
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c9
Vitezslav Cizek
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c10
--- Comment #10 from Vitezslav Cizek
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c11
Benjamin Brunner
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c12
--- Comment #12 from Benjamin Brunner
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c13
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c14
Vitezslav Cizek
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c15
--- Comment #15 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c17
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c18
Benjamin Brunner
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c19
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=720181
https://bugzilla.novell.com/show_bug.cgi?id=720181#c
Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com