FS#64492 - [util-linux] setpriv sets wrong PATH

Attached to Project: Arch Linux
Opened by lukpod (lukpod) - Thursday, 14 November 2019, 03:34 GMT
Last edited by Dave Reisner (falconindy) - Sunday, 08 December 2019, 11:19 GMT
Task Type Feature Request
Category Packages: Core
Status Closed
Assigned To Dave Reisner (falconindy)
Christian Hesse (eworm)
Architecture All
Severity Very Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

PATH set by setpriv contains /sbin, /bin, /usr/sbin which are symbolic links.

# setpriv --reset-env sh -c 'echo $PATH'
/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# setpriv --reset-env --ruid 1000 sh -c 'echo $PATH'
/usr/local/bin:/bin:/usr/bin

https://www.mankier.com/1/setpriv#--reset-env
This task depends upon

Closed by  Dave Reisner (falconindy)
Sunday, 08 December 2019, 11:19 GMT
Reason for closing:  Fixed
Additional comments about closing:  util-linux-2.34-8
Comment by Doug Newgard (Scimmia) - Thursday, 14 November 2019, 13:39 GMT
Sounds like this is normal. What's the problem?
Comment by lukpod (lukpod) - Thursday, 14 November 2019, 15:20 GMT
Same directories appear in PATH more than once. The setpriv(1) man page says PATH may be different for systems with the /usr merge.

This configure option is missing from the PKGBUILD:

--enable-usrdir-path

From configure --help:

use only /usr paths in PATH env. variable (recommended on systems with /bin -> /usr/bin symlinks)
Comment by Doug Newgard (Scimmia) - Thursday, 14 November 2019, 17:19 GMT
Even with that option, it would still have /usr/sbin/, which is also a symlink. The question, though, is why is this a problem?
Comment by lukpod (lukpod) - Thursday, 14 November 2019, 18:55 GMT
It's just not elegant. /usr/sbin could be patched out. --enable-usrdir-path should be added anyway.
Comment by lukpod (lukpod) - Friday, 22 November 2019, 21:43 GMT
IMO, this is a bug report, not a feature request.

$ ./configure --help
...
--sbindir=DIR
system admin executables [EPREFIX/sbin]
...
--enable-usrdir-path
use only /usr paths in PATH env. variable (recommended on systems with /bin -> /usr/bin symlinks)
Comment by Dave Reisner (falconindy) - Friday, 22 November 2019, 23:23 GMT
> IMO, this is a bug report, not a feature request

Ok, then what's the defect? What incorrect behavior is setpriv exhibiting?
Comment by Dave Reisner (falconindy) - Saturday, 23 November 2019, 00:38 GMT
testing/util-linux-2.34-8 now has --sbindir and --enable-usrdir-path. Feel free to file a bug upstream if this still isn't to your liking.
Comment by lukpod (lukpod) - Saturday, 23 November 2019, 01:44 GMT
Related upstream issue:
https://github.com/karelzak/util-linux/issues/110
Comment by Eli Schwartz (eschwartz) - Sunday, 24 November 2019, 03:25 GMT
Having /bin in the path is a known source of some... fragility, it is officially un-recommended by archlinux and people who do have it manually added sometimes get pretty broken tools to display broken behavior, e.g. attempting to find ${path_to_self_exe}/lib or worse, ${path_to_self_exe}/include.

I'm not sure when setpriv might be used with such tools (from memory, cmake is one of them) but either way it's nice to avoid references to /bin just in case. People should only have those broken tools behaving in a broken fashion, when *they* have overridden the distro $PATH, not when a distro-provided tool overrides their $PATH.

And, indeed, the current version of util-linux in testing now behaves properly as far as I can tell. Yay.

Loading...