On Wednesday 05 April 2006 11:18, Jon LaBadie wrote:
>On Wed, Apr 05, 2006 at 10:20:59AM -0400, Gene Heskett wrote:
>> Greetings;
>>
>> I've been trying to help Anne Wilson setup a working amanda system
>> at her place for over a week now, and having all sorts of troubles
>> that were triggered by the amanda executables not being in the user
>> amanda's environmental path when she actually logs in as amanda, as
>> opposed to doing an 'su amanda' from root, which of course gets you
>> the full maryann of roots $PATH. Thats why when she sent me an
>> example of the command she was useing, it was always after cd'ing to
>> the amanda src tree and doing "./amcheck" or whatever, otherwise she
>> was getting not found messages.
>>
>> This was found by "su - amanda" means here, and its a huge gotcha
>> for the unwary. Seemingly un-necessary paranoia to me, but...
>>
>> When doing it as amanda, with amanda's full $PATH, /usr/local/sbin,
>> where all of amanda's executables live, is NOT in the $PATH.
>>
>> Adding it to ~/.bash_profile seems to allow it to survive the
>> pathmunge'ing being done in /etc/profile, so I'm A) confused as to
>> why it does, and B) in any event, is there a good reason to
>> dis-allow access to /usr/local/sbin for the normal user?
>>
>> Explain it to me please.
>
><anything>/"s"bin is supposed to contain programs of interest to
>"systems accounts", not to ordinary users. Thus they would not
>be in an ordinary users PATH by default because those users would
>not look to execute them.
So thats why its called Sbin. I always thought it was supposed to be
Scriptbin in the *nix lingo.
>amanda, I feel, is a systems account and should include the "sbin's".
>At least /usr/local/sbin. Not 100% certain that /sbin, /usr/sbin,
>and /usr/X11R6/sbin are needed.
I agree there 100%
>There are oddities, like Sun's wisdom says "ping" is a systems
>program, of no interest to ordinary users, and thus is in /usr/sbin.
>I don't think I know any *nix users who haven't run ping.
>
>su "user" (no dash) retains the current environment but gets the
>"user"s /etc/passwd specified shell but does no login type processing.
>With the dash that shell processes profiles and rc scripts as if it
>were a login shell.
Which is what Anne was being, a good little lady and logging in as
amanda from a login shell. I say little but don't know. From what
I've gleaned, she's somewhere between the two of us in age.
But, from the way I mentally processed the path, and I did in a message
to Anne, /etc/profile specifically removes /usr/local/sbin from the
path if the user has a non-zero uid. It did not do that when I had
added it to /home/amanda/.bash_profile because I'd thrown some echo
$PATH's into /etc/profile just to check, so when it survived the "su -
amanda", I was scratching my head. Does that not reset the root uid
first to that of "amanda"? But I've too sleepy to trace that back for
the second time today.
--
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules. I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
|