[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#31814: setuid programs are not first in PATH
|
From: |
Ludovic Courtès |
|
Subject: |
bug#31814: setuid programs are not first in PATH |
|
Date: |
Sun, 17 Jun 2018 23:07:00 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
Hello Clément,
Clément Lassieur <address@hidden> skribis:
> sourcing /etc/profile
>
> - prepends /run/setuid-programs to $PATH
> - then sources $HOME/.guix-profile/etc/profile
>
> and sourcing $HOME/.guix-profile/etc/profile
>
> - prepends $HOME/.guix-profile/bin to $PATH
> - prepends $HOME/.guix-profile/sbin to $PATH
>
> so in the end, $PATH looks like:
>
> ~/.config/guix/current/bin:~/.guix-profile/bin:~/.guix-profile/sbin:/run/setuid-programs:...
>
> and a command like 'ping' is found in ~/.guix-profile/bin, which makes
> it unusable.
AFAICS this is not a regression, but it can be fixed this way:
diff --git a/gnu/system.scm b/gnu/system.scm
index 7cb12a827..d367307a2 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -616,9 +616,6 @@ unset PATH
GUIX_PROFILE=/run/current-system/profile ; \\
. /run/current-system/profile/etc/profile
-# Prepend setuid programs.
-export PATH=/run/setuid-programs:$PATH
-
# Since 'lshd' does not use pam_env, /etc/environment must be explicitly
# loaded when someone logs in via SSH. See <http://bugs.gnu.org/22175>.
# We need 'PATH' to be defined here, for 'cat' and 'cut'. Do this before
@@ -645,6 +642,9 @@ do
fi
done
+# Prepend setuid programs.
+export PATH=/run/setuid-programs:$PATH
+
# Arrange so that ~/.config/guix/current/share/info comes first.
export INFOPATH=\"$HOME/.config/guix/current/share/info:$INFOPATH\"
In the example you give (inetutils), I suppose users want
/run/setuid-programs/ping to come first. I wonder if there are
situations where the current behavior is desirable; maybe not.
Thoughts?
Thanks,
Ludo’.