Mailinglist Archive: yast-devel (73 mails)

< Previous Next >
Re: [yast-devel] Moving stuff from /sbin /bin /lib /lib64 to /usr/*
Hash: SHA1

Hi Johannes,

Am 09.07.2014 16:31, schrieb Johannes Meixner:


On Jul 9 11:56 Thomas Biege wrote (excerpt):
Am 08.07.2014 12:35, schrieb Johannes Meixner:
I would appreciate an authoritative "recommended default
way" how to set up a reasonably clean environment before
calling programs as root.

Is perhaps calling "su - root" a reasonable way?

I am not sure what exactly you want to solve by calling "su -
root". I think I just miss the context.

I think the final goal is to "do something appropriate" in YaST
before it calls external programs to avoid "unexpected issues".

ah, I got it now.

I would not use "su" but explicitly set the PATH as you mentioned
below because you will not rely on "su" then, reduce the process
overhead, and have a defined state of the environ**.


I am afraid, but I cannot describe it in more exact words.

I think what might be basically wanted is to run external programs
by YaST in the same way as if the user root would have called them

Because "man su" reads

- -, -l, --login
Starts the shell as a login shell with an environment similar to a
real login: o clears all the environment variables except TERM o
initializes the environment variables HOME, SHELL, USER, LOGNAME,
and PATH o changes to the target user's home directory o sets
argv[0] of the shell to '-' in order to make the shell a login

I asked if perhaps calling "su - root" in YaST before it calls
other external programs is a reasonable way to run them in the same
way as if the user root would have called them manually.

On the other hand I don't know if it is really wise to run external
programs by YaST in the same way as if the user root would have
called them manually because the user root in an arbitrary real
system "out there" may have whatever unexpected settings like
strange PATH or strange locale or whatever else.

Therefore it is perhaps better to explicitly set PATH, locale, and
whatever else to sane values as I attempt it currently via

# Make sure to have a clean environment:
export PATH="/sbin:/usr/sbin:/usr/bin:/bin" export LC_ALL="POSIX"
export LANG="POSIX" umask 022

Kind Regards Johannes Meixner

- --
Thomas Biege <thomas@xxxxxxx>, Team Leader MaintenanceSecurity, CSSLP
SUSE LINUX Products GmbH
GF: Jeff Hawn, Jennifer Guild, Felix Imend├Ârffer
HRB 21284 (AG N├╝rnberg)
- --
Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
-- Marie von Ebner-Eschenbach
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -

To unsubscribe, e-mail: yast-devel+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: yast-devel+owner@xxxxxxxxxxxx

< Previous Next >