FS#56683 - [shadow] filesystem 2017.10-2 wrong $PATH order because /etc/login.defs vs /etc/profile collision
Attached to Project:
Arch Linux
Opened by Natrio (natrio) - Monday, 11 December 2017, 17:29 GMT
Last edited by Sébastien Luttringer (seblu) - Tuesday, 19 December 2017, 12:57 GMT
Opened by Natrio (natrio) - Monday, 11 December 2017, 17:29 GMT
Last edited by Sébastien Luttringer (seblu) - Tuesday, 19 December 2017, 12:57 GMT
|
Details
After filesystem upgrade to 2017.10-2 the PATH variable have
wrong order like
/usr/bin:/usr/local/sbin:/usr/local/bin:...
As a result, this raises the priority packaged executables higher than local executables, and it is a problem, if some commands are locally redefined. Previously PATH was like /usr/local/sbin:/usr/local/bin:/usr/bin:... , and revertind to filesystem-2017.03-2 can also turns it back. The collision is between /etc/login.defs file: ------------------------------- ENV_SUPATH PATH=/usr/bin ENV_PATH PATH=/usr/bin ------------------------------- and /etc/profile : ------------------------------- appendpath () { case ":$PATH:" in *:"$1":*) ;; *) PATH="$PATH:$1" esac } appendpath '/usr/local/sbin' appendpath '/usr/local/bin' appendpath '/usr/bin' ------------------------------- As we see, the PATH firstly defined as "/usr/bin" in login.defs, and AFTER that appended to "/usr/bin:/usr/local/sbin:/usr/local/bin" . Last "appendpath '/usr/bin'" line was not affected, because it already present in PATH. |
This task depends upon
Closed by Sébastien Luttringer (seblu)
Tuesday, 19 December 2017, 12:57 GMT
Reason for closing: Fixed
Additional comments about closing: 4.5-4
Tuesday, 19 December 2017, 12:57 GMT
Reason for closing: Fixed
Additional comments about closing: 4.5-4
So, if PATH is empty on start of /etc/profile script, it caused PATH=:/usr/local/sbin:/usr/local/bin:/usr/bin as result, because appendpath() always adding ":" before any dir.
(Surely this is an entirely reasonable way to use PATH and the /usr/local/bin directory?)
This problem badly impacted on our usage of several systems; various programs were just not behaving as expected.
For us, the severity is medium, but we have worked around by resetting PATH to sensible ordering within the Openbox environment.
Interesting, good catch!
@seblu,
I think appendpath should be using PATH="${PATH:+$PATH:}$1". This is specified by POSIX to only add the : if PATH already contains something in it.
I didn't catch the order issue before, will look tomorrow.
testing/shadow 4.5-4 works for me, thanks!