Differences between bash, bash -l, su username, su - username, sudo -s -u username, sudo -i -u suername ?

gioir

New Member
Joined
Nov 14, 2019
Messages
2
Reaction score
0
Credits
0
Hello,
I am a newbie in Linux and am studying the bash shell.
I set an environment variable A1=100 (export A1=100).
After that, I executed each commands in the title.
The username is the same one as the one I am logging in.

What I expected is:

commands executedvalue of A1
bash -l
su - username

sudo -i -u username
undefined
bash
su username

sudo -s -u username
100


However, what I got is:

commands executedvalue of A1
su - username
sudo -i -u username

sudo -s -u username
undefined
bash
bash -l

su username
100

In other words, environment variable is not copied to the shell executed by sudo command (or reset after executing the shell? How by sudo -s?), and is not reset by executing the login shell (bash -l).
I expected that the environment variable is copied to the non-login sub shell, but is reset by executing the login sub shell.

I am not able to understand the results and why.
Please help me! understand the results.
Thank you.
 


Hello,

For the sudo part (https://linux.die.net/man/8/sudo) :
-i [command]
The -i (simulate initial login) option runs the shell specified by the password database entry of the target user as a login shell. This means that login-specific resource files such as .profile or .login will be read by the shell. If a command is specified, it is passed to the shell for execution via the shell's -c option. If no command is specified, an interactive shell is executed. sudo attempts to change to that user's home directory before running the shell. The security policy shall initialize the environment to a minimal set of variables, similar to what is present when a user logs in. The Command Environment section in the sudoers(5) manual documents how the -i option affects the environment in which a command is run when the sudoers policy is in use.

su (http://man7.org/linux/man-pages/man1/su.1.html) :
-, -l, --login
Start the shell as a login shell with an environment similar
to a real login:

o clears all the environment variables except TERM and
variables specified by --whitelist-environment


o initializes the environment variables HOME, SHELL,
USER, LOGNAME, and PATH

o changes to the target user's home directory

o sets argv[0] of the shell to '-' in order to make
the shell a login shell

I didn't find anything on bash itself. Maybe theres something in your user login init script that resets the env ?

When Bash is invoked as an interactive login shell, or as a non-interactive shell with the --login option, it first reads and executes commands from the file /etc/profile, if that file exists. After reading that file, it looks for ~/.bash_profile, ~/.bash_login, and ~/.profile, in that order, and reads and executes commands from the first one that exists and is readable. The --noprofile option may be used when the shell is started to inhibit this behavior.

If bash clears out the env on login invocation I think it should be documented. So if it's the case you earned the right to fill a bugreport/patch to the bash man pages.
 
Hello,

For the sudo part (https://linux.die.net/man/8/sudo) :


su (http://man7.org/linux/man-pages/man1/su.1.html) :


I didn't find anything on bash itself. Maybe theres something in your user login init script that resets the env ?



If bash clears out the env on login invocation I think it should be documented. So if it's the case you earned the right to fill a bugreport/patch to the bash man pages.

Thank you for your detailed information.
I think that bash does nothing with the environment variable A1 in the login scripts, but su - or sudo itself does unset it.
When I execute bash, bash -l, or su username command, the environment variable A1 is not unset from starting /etc/profile to ending ~.bash_profile.
When I execute sudo -i -u username, sudo -s -u username, or su - username command, the environment variable A1 is already unset before starting /etc/profile.
 

Members online


Top