Re: sh(1) and ksh(1) default PATH

To: tech-userlevel%NetBSD.org@localhost
Subject: Re: sh(1) and ksh(1) default PATH
From: tlaronde%polynum.com@localhost
Date: Mon, 15 Aug 2022 08:28:28 +0200

Hello,

Le Sun, Aug 14, 2022 at 09:41:08PM +0000, David Holland a écrit :
> On Sat, Aug 13, 2022 at 08:59:07PM +0000, nia wrote:
>  > A problem many new NetBSD users encounter is that a default shell
>  > without an initialized home directory containing a ~/.profile
>  > does not include some system PATH entries that would otherwise be
>  > provided from /etc/skel/.profile.
>  > [...]
> 
> There's another wrinkle, which is that /usr/local and /usr/pkg should
> come before /usr... except that this point is apparently contentious
> and has been bikeshedded to death in the past with no consensus
> reached.
> 
> (If there are no bins with duplicate names, it doesn't matter. If
> there are, it does. Argument 1: the point of installing something in
> /usr/local or /usr/pkg that's also in base is to replace the version
> in base, not for it to be inaccessible to ordinary use. Argument 2:
> the stuff in base is canonical and it's wrong for random whatnot to
> arbitrarily override it. I admit I don't fully understand argument 2
> and I suspect it may partly be a leftover response dating from System
> V installs with world-writable /usr/local.)
> 

Argument 2.1: permissions on /usr/local may be relaxed and malicious
software could more easily install devious utilities there to precisely
override safer versions in base. So by default, base version should take
precedence.

> But if we're going to paste new copies of the default path into more
> places we should really try to straighten this out first, or have a
> setting for the order somewhere.
> 
> There's already too many copies as it is, and they aren't all the
> same. The one in etc/login.conf is missing /usr/local/sbin, for
> example.
> 
> I am not clear on why <paths.h> has both _PATH_DEFPATH and
> _PATH_STDPATH and why they're different (one potentially has RESCUEDIR
> in it, whatever that is, and the other has sbin dirs; and neither has
> /usr/X11R7/bin) but probably that should be clarified and then all the
> others derived directly from there rather than repasted.
> 
> (Also, being a system header, paths.h shouldn't be trafficking in
> symbols like RESCUEDIR that belong to the application namespace. I am
> guessing that RESCUEDIR is sometimes set to /rescue? This should get
> sanitized.)

Best,
-- 
        Thierry Laronde <tlaronde +AT+ polynum +dot+ com>
                     http://www.kergis.com/
                    http://kertex.kergis.com/
                       http://www.sbfa.fr/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C

Follow-Ups:
- Re: sh(1) and ksh(1) default PATH
  - From: David Holland

References:
- sh(1) and ksh(1) default PATH
  - From: nia
- Re: sh(1) and ksh(1) default PATH
  - From: David Holland

Prev by Date: Re: sh(1) and ksh(1) default PATH
Next by Date: Re: sh(1) and ksh(1) default PATH
Previous by Thread: Re: sh(1) and ksh(1) default PATH
Next by Thread: Re: sh(1) and ksh(1) default PATH
Indexes:

Home | Main Index | Thread Index | Old Index