super , keep LD_LIBRARY_PATH
Simon Raffeiner (SCC)
simon.raffeiner at kit.edu
Tue Mar 31 11:51:54 UTC 2015
Hi,
you can't. The variable is not removed by super or sudo, but by the
dynamic linker for security reasons.
>From the manpage of ld.so(8):
"LD_LIBRARY_PATH
A colon-separated list of directories in which to search for ELF
libraries at execution-time. Similar to the PATH environment variable.
Ignored in set-user-ID and set-group-ID programs."
The corresponding source code line is
https://sourceware.org/git/?p=glibc.git;a=blob;f=elf/dl-load.c;h=41b91fcc86664b39ea8c0ce5ed35109ab494c925;hb=HEAD#l817
, the __libc_enable_secure flag gets set when a binary is executed
setuid root and prevents the use of untrusted paths LD_LIBRARY_PATH. The
list of trusted paths is generated at compile time, so you can't change
it later.
I have never used super and the only solution I know is the following:
$ export LD_LIBRARY_PATH=/whatever/
$ sudo LD_LIBRARY_PATH=${LD_LIBRARY_PATH} env
kind regards,
Simon
On 31.03.2015 10:13, sanyechong12 at live.com wrote:> Hi everybody!
> How can I keep the enviromet variable LD_LIBRARY_PATH when I excute
> a super command?
>
> I have modified /etc/super.tab:
> :global env=PATH,LD_LIBRARY_PATH,PYTHONPATH
> bzytest /root/test admin
>
> /root/test:
> #!/bin/bash
> export
>
> I can get PATH, PYTHONPATH kept. But LD_LIBRARY_PATH is not.
>
> Forgive my bad english.
>
> Best wishes
>
>
> Shuai
> sanyechong12 at live.com
--
Karlsruhe Institut of Technology (KIT)
Steinbuch Centre for Computing (SCC)
M. Sc. Simon Raffeiner
High Performance Computing Administrator
More information about the Ubuntu-devel-discuss
mailing list