HPE Community
Operating System - HP-UX
1819836 Members
3360 Online
109607 Solutions
New Discussion юеВ

Re: Where is Path set for SU?

 
SOLVED
Go to solution
Greg Roberts
Advisor

тАО10-27-2000 09:59 AM

тАО10-27-2000 09:59 AM

Where is Path set for SU?

Dumb question but where is PATH set for SU? I would think it's /.profile but none of the Paths set in it are being set for SU , just get PATH=/usr/sbin:/usr/bin. We automount common files like usr/local for all machines from one disk plus alot of others files. Any way to find where Path is set for SU??
0 Kudos
Reply
6 REPLIES 6
James R. Ferguson
Acclaimed Contributor

тАО10-27-2000 10:06 AM

тАО10-27-2000 10:06 AM

Solution

Re: Where is Path set for SU?

Greg:

From the man page for 'su':

If you specify the - option of the su command, the new shell starts up as if you just logged in, except as follows:

+ The HOME variable is reset to the new user's home directory.

+ If the new user name is root, the path and prompt variables are reset:
PATH=/usr/bin:/usr/sbin:/sbin
PS1=#

Does this help?

...JRF...
Reply
Greg Roberts
Advisor

тАО10-27-2000 10:13 AM

тАО10-27-2000 10:13 AM

Re: Where is Path set for SU?

OK, is there an easy why to override the default PATH for su besides exporting a path?
0 Kudos
Reply
Madhu Sudhan_1
Respected Contributor

тАО10-27-2000 10:15 AM

тАО10-27-2000 10:15 AM

Re: Where is Path set for SU?

Greg:
There are two types of commands, 1)Internal and 2) External
Internal commands : Itnernal commands are commands which are known to the shell and are part of the shell.
External commands : These commands require an external file (Executables/shellscripts etc.,) to be present at some directory.
Now the question comes how does shell know where it is located ?
The answer is PATH variable.

When it comes to path, generally it will be set in global /etc/profile or /home/greg/.profile, The order of execution of these profiles is /etc/profile -> /home/greg/.profie.

Generally, if path is not set and you fire the command, shell says 'not found'. If you want to find out exactly where a partiuclar executable is located, you can use

# whereis
The output of above command will be the path where the executable is located.

or the find command can be used.
# find / -name 2>/dev/null -print.

Regarding su command it is located at /usr/bin/su.

Regards,
......Madhu
Think Positive
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО10-27-2000 10:29 AM

тАО10-27-2000 10:29 AM

Re: Where is Path set for SU?

Greg:

I think you want to 'su' without the '-' flag. Try this:

# echo $PATH
# PATH=$PATH:/tmp #...add /tmp to PATH
# su someuser
# echo $PATH
# exit # back to original
# su - someuser
# echo $PATH
# exit

...JRF...
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО10-27-2000 12:00 PM

тАО10-27-2000 12:00 PM

Re: Where is Path set for SU?

A really big CAUTION: never use su without the - sign! It is one of the classic security hacks in Unix. When you use su without the -, ESPECIALLY su with no toptions, you are not in the new user environment. This is especially critical for root becuase not only is $PATH not set according to root's rules, but many other variables, aliases, things that root admins get used to are not setup.

The same is true for some like root doing an su to oracle. The oracle user may have all sorts of customized tasks and settings run by .profile but they won't be touched without using the - option as in:

/usr/bin/su - oracle

Notice that I did NOT type su? Where did your copy of su come from? Since su without any directory will wander through the $PATH values, it could be /usr/local/bin/su or even /tmp/su, programs put there specifically by a hacker. To see where su will come from, use the whence -v command (ksh, POSIX sh) as in:

whence -v su

So the default $PATH for su is the hacker's environment--except for root where su tries to keep you from getting in trouble. So, to avoid big problems, never type su without the - sign.


Bill Hassell, sysadmin
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО10-27-2000 12:10 PM

тАО10-27-2000 12:10 PM

Re: Where is Path set for SU?

Bill:

Thanks for the cautionary note! A really good point!

...JRF...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.