Red Hat Bugzilla – Bug 102567
/bin/su compiled-in PATH conflicts with LSB, util-linux
Last modified: 2008-01-28 07:02:46 EST
Description of problem:
The sh-utils-1.16-paths.patch applied to the coreutils RPM incorrectly sets the
compiled-in PATH used by 'su -' when it starts a login shell. It conflicts with
both the LSB specification of su(1) and the actual behavior of login(1) [which
is set by lib/pathnames.h in the util-linux package]. The sbin and bin versions
of directories are set in opposite orders.
The /bin/su program in coreutils sets default PATH to
(regular user): /bin:/usr/bin:/usr/local/bin:/usr/bin/X11
The LSB 1.3 says that the default PATH set by 'su -' before /etc/profile is
executed should be
(regular user): /bin:/usr/bin
The /bin/login program from util-linux uses a default PATH almost identical to
the /bin/su LSB specification:
(regular user): /usr/local/bin:/bin:/usr/bin
[The man page for login(1) which discusses the default PATH is incorrect; see
The result is that when starting up a default login shell, PATH is set
differently by /bin/login and /bin/su. The order of sbin and bin directories in
the resulting PATH is different, which has contributed to at least one bug where
a program name (up2date) existed in both /usr/bin and /usr/sbin [#102331].
Version-Release number of selected component (if applicable):
setup-2.5.25-1 (bash startup scripts)
This problem also affects RHEL 2.1 AS and RHL 9.
Steps to Reproduce:
1. Login as root through a virtual console and 'echo $PATH'.
2. Login as a regular user through a virtual console, 'su -', and 'echo $PATH'.
A replacement patch for sh-utils-1.16-paths.patch from coreutils is attached,
which changes the default PATH to match the behavior of lib/pathnames.h from
util-linux-2.11y and fixes the immediate problem.
[This patch doesn't strictly follow the LSB. According to the LSB, /usr/local
paths shouldn't be set by default by /bin/su, which this patch does. That
should probably be done in /etc/profile, but that would require changes to the
setup package, and possibly util-linux as well for consistency.]
Created attachment 93702 [details]
Replacement for existing sh-utils-1.16-paths.patch.
An additional LSB conformance violation is that the coreutils /bin/su does not
honor the ENV_PATH and ENV_SUPATH definitions in /etc/login.defs. Of course,
this is because the LSB assumes that the version of su that is in the
shadow-utils pristine source (which we don't package) is being used instead of
the coreutils version of su.
Closing that forgotten modified bugzilla as ERRATA RHBA-2005:544 - duplicate bug
#158741 was fixed in that update. Feel free to reopen this bug report if the
solution does not work for you.