trinity-users@lists.pearsoncomputing.net

Message: previous - next
Month: January 2011

Is sudo-trinity needed?

From: Mike Bird <mgb-trinity@...>
Date: Sat, 15 Jan 2011 14:06:50 -0800

On Sat January 15 2011 11:51:01 Timothy Pearson wrote:
> I wish I could.  The problem is that sudo, at least under Ubuntu and if I
> remember correctly Debian as well, does not allow any environment variable
> or configuration file to change its compiled-in RPATH (probably for
> security reasons).

Hi Tim,

Did you mean PATH rather than RPATH?  This is Debian Squeeze ...

# apt-get install sudo-trinity
<snip>
Setting up sudo-trinity (1.7.2p7-1) ...
# sudo bash
# echo $RPATH

# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/opt/trinity/bin:/usr/bin:/opt/trinity/sbin:/sbin:/bin:/usr/X11R6/bin
#

All that seems to have happened is that the default secure_path has been
overriden.  This can be overriden in /etc/sudoers without sudo-trinity.
This would allow people to both keep their sudo and keep it up to date.

# apt-get install sudo
<snip>
Setting up sudo (1.7.4p4-2) ...
# man sudo
# sudo bash -c 'echo $PATH'
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin
# visudo
# grep secure_path /etc/sudoers
Defaults        secure_path 
= /usr/local/sbin:/usr/local/bin:/usr/sbin:/opt/trinity/bin:/usr/bin:/opt/trinity/sbin:/sbin:/bin:/usr/X11R6/bin
# sudo bash -c 'echo $PATH'
/usr/local/sbin:/usr/local/bin:/usr/sbin:/opt/trinity/bin:/usr/bin:/opt/trinity/sbin:/sbin:/bin:/usr/X11R6/bin
#

--Mike Bird

trinity-users@lists.pearsoncomputing.net

Is sudo-trinity needed?

powered by ezmlm-www (v1.4.5)