Software installed in /usr/local/sbin can not be run with sudo Steps to Reproduce: 1. Install software foo in /usr/local/sbin 2. Run sudo foo Actual results: foo is not found Expected results: foo runs Additional info: http://fedoraproject.org/wiki/Features/SbinSanity states that /usr/local/sbin was added to PATH for all users, but that's not enough. For info, Ubuntu has secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" Maybe /usr/local/bin should be added too.
This message is a reminder that Fedora 20 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 20. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '20'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 20 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
The behaviour described by the OP is still the same on F22.
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
This is still the case in Fedora 24.
Daniel could you answer?
Ok, so I reproduced this issue: $ cat /usr/local/bin/mooh #!/bin/bash echo "mooh" $ mooh mooh $ su - # mooh mooh # logout $ sudo mooh sudo: mooh: command not found
Created attachment 1181793 [details] Update the sudoers secure_path This commit removes /sbin and /bin from the secure_path, as they are symlinks to /usr/sbin and /usr/bin and therefore don't need to be listed twice. This commit also adds /usr/local/sbin and /usr/local/bin to the secure_path, as they already are in the default PATH. https://bugzilla.redhat.com/show_bug.cgi?id=1166185
Hello. I won't change the distribution defaults because of custom scripts in /usr/local. You can adjust the configuration to suit your needs. No package in Fedora should install executables under /usr/local and if it does, then it's most likely a bug. Please see the Fedora packaging guidelines: https://fedoraproject.org/wiki/Packaging:Guidelines#No_Files_or_Directories_under_.2Fsrv.2C_.2Fusr.2Flocal.2C_or_.2Fhome.2F.24USER " In addition, no Fedora package can contain files or directories or modify files under: /usr/local as these directories are not permitted to be used by Distributions in the FHS "
Daniel, whether packages in Fedora install things in /usr/local or not is not the point. (and you're right that they don't, and shouldn't) The point is, /usr/local/bin and /usr/local/sbin are in $PATH. They are also in sudo's secure_path in other popular distributions. Given those two arguments, it would make sense to add them to secure_path in Fedora.
(In reply to Mathieu Bridon from comment #9) > Daniel, whether packages in Fedora install things in /usr/local or not is > not the point. (and you're right that they don't, and shouldn't) > > The point is, /usr/local/bin and /usr/local/sbin are in $PATH. They are also > in sudo's secure_path in other popular distributions. > > Given those two arguments, it would make sense to add them to secure_path in > Fedora. Maybe this a good candidate for a FESCo ticket which you can create at https://fedorahosted.org/fesco/. I don't see a point in supporting paths in the default configuration that cannot contain executables from installed packages.
> I don't see a point in supporting paths in the default configuration that cannot contain executables from installed packages. For consistency with the other distributions and convinance for the users installing custom scripts/software?
Hello, I have opened FESCo ticket: https://pagure.io/fesco/issue/1646
*** Bug 1506582 has been marked as a duplicate of this bug. ***
But the current behavior is inconsistent with how the regular PATH for root (as in "su -") is set up. Fedora should have consistent defaults.
FESCo has already decided on this issue (https://pagure.io/fesco/issue/1646 mentioned in comment #12), so unless you have convinced the current FESCo otherwise, it makes no sense to reopen this bug.
https://pagure.io/fesco/issue/1788
I was hoping that this would not have to go through FESCo again and that consistency would be a strong enough argument to convince the maintainer directly. But apparently I was wrong.
FESCo ruled that "The setup and sudo package maintainers are free to make the decision about this issue without FESCo", so this is no longer a FESCo matter, reopening.
Hi, I made requested change in rawhide. Please check it out. It is included in "sudo-1.8.22-0.1.b1.fc28". I don't want to push it to stable fedoras so it will be in next branched fedora(28).