Re: behavior of sudo -E

[Dom <toyer@rpdom.net>]

On 08/07/14 15:42, Harry Putnam wrote:
> I must be miss-understanding the usage of sudo's option `-E' (preserve users
> env).
>
> One would think that tools found along user path would then be
> available to `sudo'
>
> Here is what puzzles me:
>
> Note:
> -------       -------       ---=---       -------       -------
>    ls -l /merb/dv/home/harry/scripts/enw  <= custom script on $PATH
>
>    -rwxr-xr-x 1 harry nfsu 194 Jul  8 10:24 /merb/dv/home/harry/scripts/enw
>
>
>     harry $ echo $PATH (filtered)
>
>     . . . . . . . . . . [...] /merb/dv/home/harry/scripts: [...]   . .
>
>     harry $ which enw:
>     /merb/dv/home/harry/scripts/enw
>
> -------       -------       ---=---       -------       -------
> And now testing sudo -E
> -------       -------       ---=---       -------       -------
>
>     harry $ sudo -E echo $PATH (filtered)
>
>     . . . . . . . . . [...] /merb/dv/home/harry/scripts: [...] . . . . .
>
>
> OK, so far sudo -E has retained the $PATH env of user `harry' that
> leads to the script in question.
>
> However, in that case I do not understand this behavior below:
>
>    sudo -E which enw
>
>    {no output}
>
>    sudo -E enw
>
>    sudo: enw: command not found
>
> -------       -------       ---=---       -------       -------
>
> It seems sudo -E has the right $PATH env, but cannot find a tool along
> that path.

I believe it's to do with the "secure_path" setting in /etc/sudoers. 
This forces the user to have a "sane" PATH variable when using sudo.

There's nothing to stop you running your program using a full or 
relative filename though.


--
Dom