Mailinglist Archive: opensuse (1264 mails)

< Previous Next >
Re: [opensuse] konsole
On 22/06/17 05:24 AM, Dave Plater wrote:


On 18/06/2017 14:31, Anton Aylward wrote:
Running just "su" alone meremly changes your effective UID.
By default, it is to root, but could to to another user.
It does not alter HOME, SHELL, USER, LOGNAME, and PATH.
That last one is important. A real root shell expects to have /sbin &
/usr/sbin
in the PATH
AFAIK and this has how it has always been. If I use su, I've never used su -,
my
$HOME is /root and I have /sbin /usr/sbin added to my user's $PATH.

You seem to be contradicting yourself.
First you agree with me, then you say the opposite.

Perhaps you'd perform a test for me.

1. bring up your system again from boot but in text mode not GUI mode.

2. Log in as a regular user.

3. Run the 'env' command ad save it to a file. /tmp/f1.txt

4. Now do the same, in turn, each of "su" and and "su -", each at the user level
prompt. Files F2.txt for the 'su" and F3.txt for the "su -"

Do you get asked for the password for eah of "su" and "su -"?


Now do side-by-side "sdiff" (see the man page on this, and you might consider
using "diff3") on each combination of the files.

Please try reconciling that with what you find when you read the man page for
"su".


Let me -- or rather the list - know what you observe and what you conclude.

I'm particularly interested in the difference between f2.txt and f3.txt.

In the interests of full disclosure, here's mine; the differ3ence between "su"
on the left and "su -" on the right.
https://paste.opensuse.org/87356798

As you can see, the "su" keeps a lot of the 'anton' environment.

Of course alot of this is affected by the setting in /etc/pam.d for "su" and
"su-l", as well as polkit, /etc/ttydefs, /etc/login.defs, possibly someting in
sysconfig, and almost certainly (in my case) changes to /etc/group.


it is also possible that TW is different, and that SLE has made LEAP change, but
do check what you observe with the man page. If in fact the behaviour has
changed, then the documentation needs changing.

This is what the docco/man page says:

First, it recommends:

It is recommended to always use the --login option (instead of
its shortcut -) to avoid side effects caused by mixing environments.

Well OUCH! Don't take shortcuts :-) I'll have to note that!

Then it explains:

-, -l, --login
Start the shell as a login shell with an environment similar
to a real login:

o clears all the environment variables except TERM
o initializes the environment variables HOME, SHELL,
USER, LOGNAME, and PATH
o changes to the target user's home directory
o sets argv[0] of the shell to '-' in order to make
the shell a login shell

Please note that:
initializes the environment variables HOME, SHELL, USER, LOGNAME, and PATH

This is what I've been trying to emphasise


What you can do with "su" can be buqquered around with by config that you don't
see. What happens with "su --login" is clear and definitive.

Sidebar: what happens with sudo can be quite arbitrary, but at least you can see
it there if you know how to parse the sudo config file, which is the single
soruce point.

--
A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting frowned upon?


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups