Giters

sorin-ionescu / prezto

The configuration framework for Zsh

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

su preserves user env vars causing all kinds of trouble

NuLL3rr0r opened this issue · comments

commented

Description

Let's say I have the following settings in side my user's ~/.zprofile:

# ccache
export CCACHE_CONFIGPATH=${HOME}/.config/ccache.conf

# golang workspace setup
export GOPATH="${HOME}/dev/go"
export PATH=$PATH:$(go env GOPATH)/bin

# perl cpan modules
export PATH="/home/mamadou/.local/lib64/perl5/bin${PATH:+:${PATH}}"
export PERL5LIB="/home/mamadou/.local/lib64/perl5/lib/perl5${PERL5LIB:+:${PERL5LIB}}"
export PERL_LOCAL_LIB_ROOT="/home/mamadou/.local/lib64/perl5${PERL_LOCAL_LIB_ROOT:+:${PERL_LOCAL_LIB_ROOT}}";
export PERL_MB_OPT="--install_base \"/home/mamadou/.local/lib64/perl5\""
export PERL_MM_OPT="INSTALL_BASE=/home/mamadou/.local/lib64/perl5"

When I type the su command and enter my root password if I issue env command I see the value of those variables get carried over to the root environment causing all kinds of issues. For example, CCACHE writes binary files to my user's home directory instead of the global cache. Or, my package manager portage fails to build Wine, because it cannot find some Perl modules inside my user's Perl cache. Or, running go compiler as root gets Go dependencies and put them inside my user's home directory.

The only workaround is to add the following to my user's .zprofile:

# avoid user env var preservation with su
alias su="sudo -g wheel -u root -H /usr/bin/env zsh"

Expected behavior

The env vars should not be preserved in the root environment when user access is elevated by su.

Actual behavior

It preservers the env vars and carry them over to the root environment.

Steps to Reproduce

  1. Put some env var in the user's .zprofile.
  2. Type su and then press Enter.
  3. Run env command as su.

Versions

  • Prezto commit: All versions including latest
  • ZSH version: 5.8
  • OS information: Linux mamadou-pc 5.15.16 #95 SMP Sat Jan 22 16:08:31 CET 2022 x86_64 Intel(R) Core(TM) i7-6820HK CPU @ 2.70GHz GenuineIntel GNU/Linux
commented

Thanks for filing this!

This is a pretty weird quirk related to how su works. An alternative is su - which tells su to run a login shell and should properly reset environment variables.

If you've got any more questions, I'm happy to answer them but because this is expected behavior of su I'm closing this.

commented

Thank you very much! I thought this might be a bug. And, thanks for mentioning su -. I have changed my su alias to the following and it works:

# avoid user env var preservation with su
#alias su="sudo -g wheel -u root -H /usr/bin/env zsh"
alias su="su -"