[yast-devel] Moving stuff from /sbin /bin /lib /lib64 to /usr/*

newer
[yast-devel] Pending Pull Requests

older
[yast-devel] Pending Pull Requests

Lukas Ocilka

7 Jul 2014 7 Jul '14

12:01

Hi fellow developers :) Fourteen days ago, I had an issue to fix: Installer was calling /bin/rm but there was none - it's been already moved to /usr/bin/rm [#1]. Object /bin/rm should have been linking to /usr/bin/rm. In fact, the bug has been most probably caused by a broken build or installer DVD or maybe inst-sys build. But this has shown how fragile might be a code that uses obsolete paths [#2], [#3]. So, please, next time you (or me) add a code which calls some binaries, let's make sure it uses the `currently` right path. Let's use the /usr/* whenever it's possible. Many people are asking: Should I change all the code now? The answer is: No, just when you touch it anyway, make sure you change it the right way. It's similar to replacing Builtins.* with with their Ruby fellows, e.g. Builtins.y2milestone -> log.info. Thanks in advance Lukas #1 https://github.com/yast/yast-installation/pull/217 #2 https://en.opensuse.org/openSUSE:Usr_merge #3 http://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/ PS: Please correct me if I have written anything wrong :) -- Lukas Ocilka, Systems Management (Yast) Team Leader Cloud & Systems Management Department, SUSE Linux -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Show replies by date

Josef Reidinger

7 Jul 7 Jul

12:07

On Mon, 07 Jul 2014 14:01:15 +0200 Lukas Ocilka wrote:

...

Hi fellow developers :)

Fourteen days ago, I had an issue to fix: Installer was calling /bin/rm but there was none - it's been already moved to /usr/bin/rm [#1]. Object /bin/rm should have been linking to /usr/bin/rm. In fact, the bug has been most probably caused by a broken build or installer DVD or maybe inst-sys build.

But this has shown how fragile might be a code that uses obsolete paths [#2], [#3]. So, please, next time you (or me) add a code which calls some binaries, let's make sure it uses the `currently` right path. Let's use the /usr/* whenever it's possible.

Many people are asking: Should I change all the code now? The answer is: No, just when you touch it anyway, make sure you change it the right way. It's similar to replacing Builtins.* with with their Ruby fellows, e.g. Builtins.y2milestone -> log.info.

Thanks in advance Lukas

#1 https://github.com/yast/yast-installation/pull/217 #2 https://en.opensuse.org/openSUSE:Usr_merge #3 http://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/

PS: Please correct me if I have written anything wrong :)

I have general question and I think answer to it should be somewhere written as documented decision. Why we use absolute path to binary? I think proper set PATH in environment should be goal and use common path. Also from security point of view it is quite useless because if PATH is attacked, then also any real root action is attacked. For me it is more native to write "rm -rf /" and not "/usr/bin/rm -rf /". Josef -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Lukas Ocilka

12:11

On 7.7.2014 14:07, Josef Reidinger wrote:

...

On Mon, 07 Jul 2014 14:01:15 +0200 Lukas Ocilka wrote:

...
Hi fellow developers :)

Fourteen days ago, I had an issue to fix: Installer was calling /bin/rm but there was none - it's been already moved to /usr/bin/rm [#1]. Object /bin/rm should have been linking to /usr/bin/rm. In fact, the bug has been most probably caused by a broken build or installer DVD or maybe inst-sys build.

But this has shown how fragile might be a code that uses obsolete paths [#2], [#3]. So, please, next time you (or me) add a code which calls some binaries, let's make sure it uses the `currently` right path. Let's use the /usr/* whenever it's possible.

Many people are asking: Should I change all the code now? The answer is: No, just when you touch it anyway, make sure you change it the right way. It's similar to replacing Builtins.* with with their Ruby fellows, e.g. Builtins.y2milestone -> log.info.

Thanks in advance Lukas

#1 https://github.com/yast/yast-installation/pull/217 #2 https://en.opensuse.org/openSUSE:Usr_merge #3 http://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/

PS: Please correct me if I have written anything wrong :)

I have general question and I think answer to it should be somewhere written as documented decision.

Why we use absolute path to binary? I think proper set PATH in environment should be goal and use common path. Also from security point of view it is quite useless because if PATH is attacked, then also any real root action is attacked.

For me it is more native to write "rm -rf /" and not "/usr/bin/rm -rf /".

Sure, I myself also prefer the shorter way, but I think it was because of security. Let's ask our security expert if this is really the case, or whether it has changed meanwhile. Thomas, please, have a look. Thanks in advance Lukas -- Lukas Ocilka, Systems Management (Yast) Team Leader Cloud & Systems Management Department, SUSE Linux -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Arvin Schnell

12:17

On Mon, Jul 07, 2014 at 02:11:48PM +0200, Lukas Ocilka wrote:

...

On 7.7.2014 14:07, Josef Reidinger wrote:

...

...
I have general question and I think answer to it should be somewhere written as documented decision.

Why we use absolute path to binary? I think proper set PATH in environment should be goal and use common path. Also from security point of view it is quite useless because if PATH is attacked, then also any real root action is attacked.

...

Sure, I myself also prefer the shorter way, but I think it was because of security. Let's ask our security expert if this is really the case, or whether it has changed meanwhile.

Bug https://bugzilla.novell.com/show_bug.cgi?id=794084 mentions some reasons. Regards, Arvin -- Arvin Schnell, Senior Software Engineer, Research & Development SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) Maxfeldstraße 5 90409 Nürnberg Germany -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Josef Reidinger

12:23

On Mon, 7 Jul 2014 14:17:40 +0200 Arvin Schnell wrote:

...

On Mon, Jul 07, 2014 at 02:11:48PM +0200, Lukas Ocilka wrote:

...
On 7.7.2014 14:07, Josef Reidinger wrote:

...
...
I have general question and I think answer to it should be somewhere written as documented decision.

Why we use absolute path to binary? I think proper set PATH in environment should be goal and use common path. Also from security point of view it is quite useless because if PATH is attacked, then also any real root action is attacked.

...
Sure, I myself also prefer the shorter way, but I think it was because of security. Let's ask our security expert if this is really the case, or whether it has changed meanwhile.

Bug https://bugzilla.novell.com/show_bug.cgi?id=794084 mentions some reasons.

Regards, Arvin

I see some reasons, but I worry that we need to proper fix PATH otherwise 1) any call that do not have absolute path is security problem ( I know a lot of places where we call e.g. sed without absolute path, so simple fake sed in some location can be used to get root permissions ) 2) if some module need path that is not standard, then it is up to module to properly set it or use absolute path 3) we are affected by changes of binary as showed above Josef -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Arvin Schnell

12:52

On Mon, Jul 07, 2014 at 02:23:36PM +0200, Josef Reidinger wrote:

...

On Mon, 7 Jul 2014 14:17:40 +0200 Arvin Schnell wrote:

...
On Mon, Jul 07, 2014 at 02:11:48PM +0200, Lukas Ocilka wrote:

...
On 7.7.2014 14:07, Josef Reidinger wrote:

...
...
I have general question and I think answer to it should be somewhere written as documented decision.

Why we use absolute path to binary? I think proper set PATH in environment should be goal and use common path. Also from security point of view it is quite useless because if PATH is attacked, then also any real root action is attacked.

...
Sure, I myself also prefer the shorter way, but I think it was because of security. Let's ask our security expert if this is really the case, or whether it has changed meanwhile.

Bug https://bugzilla.novell.com/show_bug.cgi?id=794084 mentions some reasons.

Regards, Arvin

I see some reasons, but I worry that we need to proper fix PATH

But how, esp. if we want to make parts of YaST available as libraries (modules/gems)?

...

From my point of a library should work with any PATH variable.

Regards, Arvin -- Arvin Schnell, Senior Software Engineer, Research & Development SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) Maxfeldstraße 5 90409 Nürnberg Germany -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Josef Reidinger

13:01

On Mon, 7 Jul 2014 14:52:07 +0200 Arvin Schnell wrote:

...

On Mon, Jul 07, 2014 at 02:23:36PM +0200, Josef Reidinger wrote:

...
On Mon, 7 Jul 2014 14:17:40 +0200 Arvin Schnell wrote:

...
On Mon, Jul 07, 2014 at 02:11:48PM +0200, Lukas Ocilka wrote:

...
On 7.7.2014 14:07, Josef Reidinger wrote:

...
...
I have general question and I think answer to it should be somewhere written as documented decision.

Why we use absolute path to binary? I think proper set PATH in environment should be goal and use common path. Also from security point of view it is quite useless because if PATH is attacked, then also any real root action is attacked.

...
Sure, I myself also prefer the shorter way, but I think it was because of security. Let's ask our security expert if this is really the case, or whether it has changed meanwhile.

Bug https://bugzilla.novell.com/show_bug.cgi?id=794084 mentions some reasons.

Regards, Arvin

I see some reasons, but I worry that we need to proper fix PATH

But how, esp. if we want to make parts of YaST available as libraries (modules/gems)?

From my point of a library should work with any PATH variable.

Regards, Arvin

On other hand absolute path can make troubles to use library/gem on non-suse systems or even on older suse systems, which is wrong from my POV. I think it is reasonable requirement for library or gem, that it need working path to its work. So I think resolution can be use PATH for common binaries and for specific binaries use absolute path. Josef -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Arvin Schnell

13:22

On Mon, Jul 07, 2014 at 03:01:40PM +0200, Josef Reidinger wrote:

...

On other hand absolute path can make troubles to use library/gem on non-suse systems or even on older suse systems, which is wrong from my POV.

Yes, that's why I dislike all this moving of binaries.

...

So I think resolution can be use PATH for common binaries and for specific binaries use absolute path.

Paving the path to security issues? I suppose developers just use a library and expect it to be safe independent of PATH. For libstorage that's my objective. Regards, Arvin -- Arvin Schnell, Senior Software Engineer, Research & Development SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) Maxfeldstraße 5 90409 Nürnberg Germany -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Josef Reidinger

13:30

On Mon, 7 Jul 2014 15:22:24 +0200 Arvin Schnell wrote:

...

On Mon, Jul 07, 2014 at 03:01:40PM +0200, Josef Reidinger wrote:

...
On other hand absolute path can make troubles to use library/gem on non-suse systems or even on older suse systems, which is wrong from my POV.

Yes, that's why I dislike all this moving of binaries.

I agree, I also do not see benefit of this step.

...

...
So I think resolution can be use PATH for common binaries and for specific binaries use absolute path.

Paving the path to security issues? I suppose developers just use a library and expect it to be safe independent of PATH. For libstorage that's my objective.

Maybe we can look around how other tools do this task and collect possible ideas how to solve it? Josef

...

Regards, Arvin

-- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Arvin Schnell

14:39

On Mon, Jul 07, 2014 at 03:30:52PM +0200, Josef Reidinger wrote:

...

On Mon, 7 Jul 2014 15:22:24 +0200 Arvin Schnell wrote:

...
On Mon, Jul 07, 2014 at 03:01:40PM +0200, Josef Reidinger wrote:

...
On other hand absolute path can make troubles to use library/gem on non-suse systems or even on older suse systems, which is wrong from my POV.

Yes, that's why I dislike all this moving of binaries.

I agree, I also do not see benefit of this step.

...
...
So I think resolution can be use PATH for common binaries and for specific binaries use absolute path.

Paving the path to security issues? I suppose developers just use a library and expect it to be safe independent of PATH. For libstorage that's my objective.

Maybe we can look around how other tools do this task and collect possible ideas how to solve it?

Sure, I just grepped for "bin/" in my upstream git repos directory and found e.g. (more than 200): ./hwinfo/src/hd/block.c: hd_data->lsscsi = read_file("|/usr/bin/lsscsi -t 2>/dev/null", 0, 0); ./hwinfo/src/hd/net.c: str_printf(&buf, 0, "|/usr/sbin/ethtool -e %s 2>/dev/null", hd->unix_dev_name); ./linux-pam/modules/pam_xauth/pam_xauth.c: "/usr/bin/X11/xauth" ./linux-pam/modules/pam_namespace/pam_namespace.c: if (execle("/bin/rm", "/bin/rm", "-rf", pptr->instance_prefix, NULL, envp) < 0) ./glibc/stdio-common/test-popen.c: output = popen("/bin/cat", "m"); ./xfsprogs/libdisk/dm.c: else if (!access("/sbin/dmsetup", R_OK|X_OK)) ./libyui/libyui-gtk/src/YGDialog.cc: ret = system ("/usr/bin/xterm &"); ./libzypp/zypp/KeyRing.cc: #define GPG_BINARY "/usr/bin/gpg2" ./libzypp/tests/zypp/PluginFrame_test.cc: PluginScript scr( "/bin/cat" ); And in all systemd service files I couldn't find a single Exec statement without a full path. Regards, Arvin -- Arvin Schnell, Senior Software Engineer, Research & Development SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) Maxfeldstraße 5 90409 Nürnberg Germany -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Thomas Biege

8 Jul 8 Jul

09:55

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi. Am 07.07.2014 14:11, schrieb Lukas Ocilka:

...

On 7.7.2014 14:07, Josef Reidinger wrote:

...
On Mon, 07 Jul 2014 14:01:15 +0200 Lukas Ocilka wrote: [...]

...

...
I have general question and I think answer to it should be somewhere written as documented decision.

Why we use absolute path to binary? I think proper set PATH in environment should be goal and use common path. Also from security point of view it is quite useless because if PATH is attacked, then also any real root action is attacked.

For me it is more native to write "rm -rf /" and not "/usr/bin/rm -rf /".

Sure, I myself also prefer the shorter way, but I think it was because of security. Let's ask our security expert if this is really the case, or whether it has changed meanwhile.

I would suggest to set PATH to a safe value (/bin, /sbin, /usr/bin, /usr/sbin, maybe more) in your code and use the short form of the command for your convenience. This also increase the stability of your code. Attacking code via PATH is only interesting in scenarios where a normal user can execute a privileged binary (setuid, for example) and this privileged code relies on PATH or other environment variables. If you use sudo/su the PATH should be ok. The same for calling it directly as root. HTH Thomas - -- Thomas Biege , Team Leader MaintenanceSecurity, CSSLP SUSE LINUX Products GmbH GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer HRB 21284 (AG Nürnberg) - -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTu7/9AAoJEJqHoVJVjr8DiGsH/1SpZ4NTct+BtIKoUcitoqJe /AyynwYwRgTGLnEQLJtCWRbv9VAPIi4jtRFcEdB1X9f/MzHJ1bhzJSp992+UQqjp 4e4TPLKCKzHVQxAKyg5iEZurjo4Ui2qm7K5uAe/4k9Wz1PfA6ztIyOLPqfmAPLN4 fCrvbHa4hHorUJbl/nRCh0IJvxwy2vyhhLTjubrf9fScfy2UV+tg6DhnFFf42rgo wNYivs6e9IxW55tlEK474WnFDFxGNkFhxZ5bZBmOHgafl6FGN56RVspZAZDkST0S jDbEnsD1Ki6GY62eTGqcSy0T+NAhdwhLjrYH0MtpzFASut2ZjyQwbBJZApccyd0= =ab7a -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Johannes Meixner

10:35

Hello Thomas, On Jul 8 11:55 Thomas Biege wrote (excerpt):

...

I would suggest to set PATH to a safe value (/bin, /sbin, /usr/bin, /usr/sbin, maybe more) in your code and use the short form of the command for your convenience.

I wonder if the ordering of the directories in PATH is of importance? In https://bugzilla.novell.com/show_bug.cgi?id=794084#c11 you suggested to set PATH to /bin:/usr/bin:/sbin:/usr/sbin root has after log in /sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/bin:... In bash scripts and when running commands in yast2-printer I use --------------------------------------------------------------------- # Make sure to have a clean environment: export PATH="/sbin:/usr/sbin:/usr/bin:/bin" export LC_ALL="POSIX" export LANG="POSIX" umask 022 --------------------------------------------------------------------- I would appreciate an authoritative "recommended default way" how to set up a reasonably clean environment before calling programs as root. Is perhaps calling "su - root" a reasonable way? Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Thomas Biege

14:18

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 08.07.2014 12:35, schrieb Johannes Meixner:

...

Hello Thomas,

On Jul 8 11:55 Thomas Biege wrote (excerpt):

...
I would suggest to set PATH to a safe value (/bin, /sbin, /usr/bin, /usr/sbin, maybe more) in your code and use the short form of the command for your convenience.

I wonder if the ordering of the directories in PATH is of importance?

In https://bugzilla.novell.com/show_bug.cgi?id=794084#c11 you suggested to set PATH to /bin:/usr/bin:/sbin:/usr/sbin

root has after log in /sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/bin:...

This

...

one looks good and we use it already.

...

In bash scripts and when running commands in yast2-printer I use ---------------------------------------------------------------------

# Make sure to have a clean environment:

...

export PATH="/sbin:/usr/sbin:/usr/bin:/bin" export LC_ALL="POSIX" export LANG="POSIX" umask 022 ---------------------------------------------------------------------

I would appreciate an authoritative "recommended default way" how to set up a reasonably clean environment before calling programs as root.

Is perhaps calling "su - root" a reasonable way?

For executing "rm"? Bye, Thomas

...

Kind Regards Johannes Meixner

- -- Thomas Biege , Team Leader MaintenanceSecurity, CSSLP SUSE LINUX Products GmbH GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer HRB 21284 (AG Nürnberg) - -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTu/2uAAoJEJqHoVJVjr8DQzYIAMVoHj4KaPx/eJz+U+gEwpgY EdTWBhMHZRuHAJpvBM99hv7I1Sf36tmXY4VOv6nkzmKLBEc3pr7Yuwa+Jk6W2g9K meDsz0Fj8RPQM4IKj137MZZdIEIaF2MbNXXgbL33C+lb2NR5c8E3BuH6xjqPaRSv Bx90YrWu2NlX7GWR1j1nm3CR/scEEVVAltHqKG1M7+qBwx6bMR6KasMwtJ7af4Ks uZvO+iFESUSH/8yICSfeEcwhaSaFLZgBn2TZoSJHgIi9IHflQ59GS6nrBVco9XUU 7DTIhUfj5wYE/OWfl4DRaDPqWN5Tm0Pq7G4X8QzM14dU/QoO8AbAI0IJNIobaCw= =i9CG -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Johannes Meixner

9 Jul 9 Jul

09:52

Hello, On Jul 8 16:18 Thomas Biege wrote:

...

Am 08.07.2014 12:35, schrieb Johannes Meixner: ...

...
I would appreciate an authoritative "recommended default way" how to set up a reasonably clean environment before calling programs as root.

Is perhaps calling "su - root" a reasonable way?

For executing "rm"?

I do not understand what you mean. Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Thomas Biege

09:56

Am 09.07.14 11:52, schrieb Johannes Meixner:

...

Hello,

On Jul 8 16:18 Thomas Biege wrote:

...
Am 08.07.2014 12:35, schrieb Johannes Meixner: ...

...
I would appreciate an authoritative "recommended default way" how to set up a reasonably clean environment before calling programs as root.

Is perhaps calling "su - root" a reasonable way?

For executing "rm"?

I do not understand what you mean.

I am not sure what exactly you want to solve by calling "su - root". I think I just miss the context. Bye, Thomas

...

Kind Regards Johannes Meixner

-- Thomas Biege , Team Leader MaintenanceSecurity, CSSLP SUSE LINUX Products GmbH GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer HRB 21284 (AG Nürnberg) -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach

Johannes Meixner

14:31

Hello, On Jul 9 11:56 Thomas Biege wrote (excerpt):

...

...
...
Am 08.07.2014 12:35, schrieb Johannes Meixner: ...

...
I would appreciate an authoritative "recommended default way" how to set up a reasonably clean environment before calling programs as root.

Is perhaps calling "su - root" a reasonable way?

I am not sure what exactly you want to solve by calling "su - root". I think I just miss the context.

I think the final goal is to "do something appropriate" in YaST before it calls external programs to avoid "unexpected issues". I am afraid, but I cannot describe it in more exact words. I think what might be basically wanted is to run external programs by YaST in the same way as if the user root would have called them manually. Because "man su" reads ------------------------------------------------------------------------ -, -l, --login Starts the shell as a login shell with an environment similar to a real login: o clears all the environment variables except TERM o initializes the environment variables HOME, SHELL, USER, LOGNAME, and PATH o changes to the target user's home directory o sets argv[0] of the shell to '-' in order to make the shell a login shell ------------------------------------------------------------------------ I asked if perhaps calling "su - root" in YaST before it calls other external programs is a reasonable way to run them in the same way as if the user root would have called them manually. On the other hand I don't know if it is really wise to run external programs by YaST in the same way as if the user root would have called them manually because the user root in an arbitrary real system "out there" may have whatever unexpected settings like strange PATH or strange locale or whatever else. Therefore it is perhaps better to explicitly set PATH, locale, and whatever else to sane values as I attempt it currently via --------------------------------------------------------------------- # Make sure to have a clean environment: export PATH="/sbin:/usr/sbin:/usr/bin:/bin" export LC_ALL="POSIX" export LANG="POSIX" umask 022 --------------------------------------------------------------------- Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

Thomas Biege

10 Jul 10 Jul

09:24

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Johannes, Am 09.07.2014 16:31, schrieb Johannes Meixner:

...

Hello,

On Jul 9 11:56 Thomas Biege wrote (excerpt):

...
...
...
Am 08.07.2014 12:35, schrieb Johannes Meixner: ...

...
I would appreciate an authoritative "recommended default way" how to set up a reasonably clean environment before calling programs as root.

Is perhaps calling "su - root" a reasonable way?

I am not sure what exactly you want to solve by calling "su - root". I think I just miss the context.

I think the final goal is to "do something appropriate" in YaST before it calls external programs to avoid "unexpected issues".

ah, I got it now. I would not use "su" but explicitly set the PATH as you mentioned below because you will not rely on "su" then, reduce the process overhead, and have a defined state of the environ**. HTH Thomas

...

I am afraid, but I cannot describe it in more exact words.

I think what might be basically wanted is to run external programs by YaST in the same way as if the user root would have called them manually.

Because "man su" reads ------------------------------------------------------------------------

- -, -l, --login

...

Starts the shell as a login shell with an environment similar to a real login: o clears all the environment variables except TERM o initializes the environment variables HOME, SHELL, USER, LOGNAME, and PATH o changes to the target user's home directory o sets argv[0] of the shell to '-' in order to make the shell a login shell ------------------------------------------------------------------------

I asked if perhaps calling "su - root" in YaST before it calls

...

other external programs is a reasonable way to run them in the same way as if the user root would have called them manually.

On the other hand I don't know if it is really wise to run external programs by YaST in the same way as if the user root would have called them manually because the user root in an arbitrary real system "out there" may have whatever unexpected settings like strange PATH or strange locale or whatever else.

Therefore it is perhaps better to explicitly set PATH, locale, and whatever else to sane values as I attempt it currently via ---------------------------------------------------------------------

# Make sure to have a clean environment:

...

export PATH="/sbin:/usr/sbin:/usr/bin:/bin" export LC_ALL="POSIX" export LANG="POSIX" umask 022 ---------------------------------------------------------------------

Kind Regards Johannes Meixner

- -- Thomas Biege , Team Leader MaintenanceSecurity, CSSLP SUSE LINUX Products GmbH GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer HRB 21284 (AG Nürnberg) - -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTvlu/AAoJEJqHoVJVjr8D+LUH/2IA0LeH87cGPdzgEUiFpsGr MVjV8BqEhx/B/74rXi7hg6iAWk20/PLevc/ktTuhPAAtiTbd86kxNZhwuGS9akvU mircecHyWGsl7VbKcEdeAcy6hXKTCJ849FHy6TLSkgKGBPhcyqv+nTKjnUCXYIME jlpufOJNtAIEprj2cNf7HxiOiUM/A22hdoQ/HUHN2mduD3hPRI+hnVLuJPTWhnzP G1ZGZHu36JFAaVqFh6j8xMg+x0HIO+GN+kVwphxTtQVZ+5U4MC1515yHJIlg9BQp T4l2iubE/NXCFluA9cLfQeRSKKTyEUwTWVNnLqHVGG8+DxfclPod6XLlCGMRsGw= =yJvO -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org

3586

Age (days ago)

3589

Last active (days ago)

List overview

Download

16 comments

5 participants

participants (5)

Arvin Schnell
Johannes Meixner
Josef Reidinger
Lukas Ocilka
Thomas Biege

[yast-devel] Moving stuff from /sbin /bin /lib /lib64 to /usr/*

tags

participants (5)