tomh0665 at gmail.com
Mon Jun 9 18:01:30 UTC 2014
On Mon, Jun 9, 2014 at 9:48 AM, Nils Kassube <kassube at gmx.net> wrote:
> Tom H wrote:
>> On Mon, Jun 9, 2014 at 7:25 AM, Liam Proven <lproven at gmail.com> wrote:
>>> On 9 June 2014 13:22, Tom H <tomh0665 at gmail.com> wrote:
>>>> ; you just need to
>>>> switch to root with "sudo -i".
>>> I have never known the difference between ``sudo -s'' and ``sudo
>>> -i''. I always use the former. Can you clarify?
>> "sudo -i" is the same as "sudo su -" and "sudo -s" is the same as
>> "sudo su".
> I think that is only partly correct. With "sudo su" I have $HOME set to
> "/root" while it is still "/home/$USER" for "sudo -s". That is an
> important difference if I then start an application that modifies
> configuration files and changes their permissions in $HOME. It may
> therefore prevent further access to those files by the original user and
> the application run as normal user may no longer work.
I'd never noticed that Ubuntu HOME isn't set to the target user's HOME.
The upstream default (that's not changed in RHEL and Fedora for
example, and perhaps not in other distributions) is for HOME to be
reset to the target user's HOME.
It turns out that there's a patch in Ubuntu (it might be inherited
from Debian, I haven't checked), "keep_home_by_default", to keep HOME.
I wonder what the rationale is/was.
This behavior contradicts the sudoers man page as well as
"/usr/share/doc/sudo/README.Debian"  and it can be overridden with
"-H" when invoking sudo and with "Default always_keep_home" or
"Defaults env_keep -= "HOME"" in "/etc/sudoers" or "/etc/sudoers.d/".
"sudo -s" doesn't change the ownership of already exiting files in
HOME but creates new ones as "root:root"...
 The version of sudo that ships with Debian by default resets the
environment, as described by the "env_reset" flag in the sudoers file.
This implies that all environment variables are removed, except for
LOGNAME, PATH, SHELL, TERM, DISPLAY, XAUTHORITY, XAUTHORIZATION, XAPPLRESDIR,
XFILESEARCHPATH, XUSERFILESEARCHPATH, LANG, LANGUAGE, LC_*, and USER.
More information about the ubuntu-users