How do Ubuntu and Debian manage $HOME for users with sudo privileges?
Clash Royale CLAN TAG#URR8PPP
up vote
37
down vote
favorite
I have a bash script myhome.sh containing only one line:
echo $HOME
The script's owner is a user:
$ ls -l myhome.sh
-rw-rw-r-- 1 user user <date> <time> myhome.sh
In Ubuntu 16.04 and 17.10 I get:
$ echo $HOME
/home/user
$ sudo echo $HOME
/home/user
$ bash myhome.sh
/home/user
$ sudo bash myhome.sh
/home/user
In Debian Buster/Testing I get:
$ echo $HOME
/home/user
$ sudo echo $HOME
/home/user
$ bash myhome.sh
/home/user
# WHY ?
$ sudo bash myhome.sh
/root
I don't understand why inside the script in Debian, if it's executed with sudo, I always get $HOME=/root while in Ubuntu I get $HOME=/home/user. Does anyone know what have the Ubuntu developers changed?
bash debian ubuntu sudo home
edited Apr 19 at 3:42
muru
33.3k576140
asked Apr 18 at 17:38
check-emee
418614
add a comment |Â
up vote
37
down vote
favorite
I have a bash script myhome.sh containing only one line:
echo $HOME
The script's owner is a user:
$ ls -l myhome.sh
-rw-rw-r-- 1 user user <date> <time> myhome.sh
In Ubuntu 16.04 and 17.10 I get:
$ echo $HOME
/home/user
$ sudo echo $HOME
/home/user
$ bash myhome.sh
/home/user
$ sudo bash myhome.sh
/home/user
In Debian Buster/Testing I get:
$ echo $HOME
/home/user
$ sudo echo $HOME
/home/user
$ bash myhome.sh
/home/user
# WHY ?
$ sudo bash myhome.sh
/root
I don't understand why inside the script in Debian, if it's executed with sudo, I always get $HOME=/root while in Ubuntu I get $HOME=/home/user. Does anyone know what have the Ubuntu developers changed?
bash debian ubuntu sudo home
edited Apr 19 at 3:42
muru
33.3k576140
asked Apr 18 at 17:38
check-emee
418614
add a comment |Â
up vote
37
down vote
favorite
up vote
37
down vote
favorite
I have a bash script myhome.sh containing only one line:
echo $HOME
The script's owner is a user:
$ ls -l myhome.sh
-rw-rw-r-- 1 user user <date> <time> myhome.sh
In Ubuntu 16.04 and 17.10 I get:
$ echo $HOME
/home/user
$ sudo echo $HOME
/home/user
$ bash myhome.sh
/home/user
$ sudo bash myhome.sh
/home/user
In Debian Buster/Testing I get:
$ echo $HOME
/home/user
$ sudo echo $HOME
/home/user
$ bash myhome.sh
/home/user
# WHY ?
$ sudo bash myhome.sh
/root
I don't understand why inside the script in Debian, if it's executed with sudo, I always get $HOME=/root while in Ubuntu I get $HOME=/home/user. Does anyone know what have the Ubuntu developers changed?
bash debian ubuntu sudo home
edited Apr 19 at 3:42
muru
33.3k576140
asked Apr 18 at 17:38
check-emee
418614
I have a bash script myhome.sh containing only one line:
echo $HOME
The script's owner is a user:
$ ls -l myhome.sh
-rw-rw-r-- 1 user user <date> <time> myhome.sh
In Ubuntu 16.04 and 17.10 I get:
$ echo $HOME
/home/user
$ sudo echo $HOME
/home/user
$ bash myhome.sh
/home/user
$ sudo bash myhome.sh
/home/user
In Debian Buster/Testing I get:
$ echo $HOME
/home/user
$ sudo echo $HOME
/home/user
$ bash myhome.sh
/home/user
# WHY ?
$ sudo bash myhome.sh
/root
I don't understand why inside the script in Debian, if it's executed with sudo, I always get $HOME=/root while in Ubuntu I get $HOME=/home/user. Does anyone know what have the Ubuntu developers changed?
bash debian ubuntu sudo home
edited Apr 19 at 3:42
muru
33.3k576140
asked Apr 18 at 17:38
check-emee
418614
edited Apr 19 at 3:42
muru
33.3k576140
edited Apr 19 at 3:42
muru
33.3k576140
edited Apr 19 at 3:42
muru
33.3k576140
33.3k576140
asked Apr 18 at 17:38
check-emee
418614
asked Apr 18 at 17:38
check-emee
418614
asked Apr 18 at 17:38
check-emee
418614
418614
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
67
down vote
accepted
Both Debian and Ubuntu ship an /etc/sudoers file that contains Defaults env_reset, which resets environment variables.
However, the behavior of env_reset was changed from not touching $HOME to resetting it to the home of the target user.
Ubuntu decided to patch their version of sudo to keep the previous behavior:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/760140
In Ubuntu, in order to reset the $HOME environment variable to the target user, one has to set either Defaults always_set_home or Defaults set_home (in which case only sudo -s will get HOME updated) in their /etc/sudoers.
This bug at Ubuntu tracker has some more rationale on not setting $HOME in sudo:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1373495
See comment #4:
If HOME is removed, then e.g. vim, bash, etc., will use /root/.vimrc,
/root/.bashrc, etc rather than the user's ~/.vimrc, ~/.bashrc, etc.
While it's a bad idea to run X clients via sudo, they too would likely
look in the wrong locations for configuration files, and there's a
chance that X11 clients may not even be able to connect to the X11
server if they are aimed at the wrong .Xauthority file.
It's a conscious decision by Ubuntu developers.
This answer has more details on the sudoers options such as always_set_home:
https://unix.stackexchange.com/a/91572/281844
There's a second issue in your question, which is the sudo echo $HOME which still displays the user's home even in Debian.
That happens because the shell is expanding $HOME before running the sudo command.
So this:
$ sudo echo $HOME
Is first expanded by the shell into:
$ sudo echo /home/user
And then sudo executes echo /home/user as root...
This should demonstrate the difference too:
$ sudo bash -c 'echo $HOME'
/root
Or get a full root shell and see the environment variable there:
$ sudo -s
# echo $HOME
/root
answered Apr 18 at 17:51
Filipe Brandenburger
3,451621
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
67
down vote
accepted
Both Debian and Ubuntu ship an /etc/sudoers file that contains Defaults env_reset, which resets environment variables.
However, the behavior of env_reset was changed from not touching $HOME to resetting it to the home of the target user.
Ubuntu decided to patch their version of sudo to keep the previous behavior:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/760140
In Ubuntu, in order to reset the $HOME environment variable to the target user, one has to set either Defaults always_set_home or Defaults set_home (in which case only sudo -s will get HOME updated) in their /etc/sudoers.
This bug at Ubuntu tracker has some more rationale on not setting $HOME in sudo:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1373495
See comment #4:
If HOME is removed, then e.g. vim, bash, etc., will use /root/.vimrc,
/root/.bashrc, etc rather than the user's ~/.vimrc, ~/.bashrc, etc.
While it's a bad idea to run X clients via sudo, they too would likely
look in the wrong locations for configuration files, and there's a
chance that X11 clients may not even be able to connect to the X11
server if they are aimed at the wrong .Xauthority file.
It's a conscious decision by Ubuntu developers.
This answer has more details on the sudoers options such as always_set_home:
https://unix.stackexchange.com/a/91572/281844
There's a second issue in your question, which is the sudo echo $HOME which still displays the user's home even in Debian.
That happens because the shell is expanding $HOME before running the sudo command.
So this:
$ sudo echo $HOME
Is first expanded by the shell into:
$ sudo echo /home/user
And then sudo executes echo /home/user as root...
This should demonstrate the difference too:
$ sudo bash -c 'echo $HOME'
/root
Or get a full root shell and see the environment variable there:
$ sudo -s
# echo $HOME
/root
answered Apr 18 at 17:51
Filipe Brandenburger
3,451621
add a comment |Â
up vote
67
down vote
accepted
Both Debian and Ubuntu ship an /etc/sudoers file that contains Defaults env_reset, which resets environment variables.
However, the behavior of env_reset was changed from not touching $HOME to resetting it to the home of the target user.
Ubuntu decided to patch their version of sudo to keep the previous behavior:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/760140
In Ubuntu, in order to reset the $HOME environment variable to the target user, one has to set either Defaults always_set_home or Defaults set_home (in which case only sudo -s will get HOME updated) in their /etc/sudoers.
This bug at Ubuntu tracker has some more rationale on not setting $HOME in sudo:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1373495
See comment #4:
If HOME is removed, then e.g. vim, bash, etc., will use /root/.vimrc,
/root/.bashrc, etc rather than the user's ~/.vimrc, ~/.bashrc, etc.
While it's a bad idea to run X clients via sudo, they too would likely
look in the wrong locations for configuration files, and there's a
chance that X11 clients may not even be able to connect to the X11
server if they are aimed at the wrong .Xauthority file.
It's a conscious decision by Ubuntu developers.
This answer has more details on the sudoers options such as always_set_home:
https://unix.stackexchange.com/a/91572/281844
There's a second issue in your question, which is the sudo echo $HOME which still displays the user's home even in Debian.
That happens because the shell is expanding $HOME before running the sudo command.
So this:
$ sudo echo $HOME
Is first expanded by the shell into:
$ sudo echo /home/user
And then sudo executes echo /home/user as root...
This should demonstrate the difference too:
$ sudo bash -c 'echo $HOME'
/root
Or get a full root shell and see the environment variable there:
$ sudo -s
# echo $HOME
/root
answered Apr 18 at 17:51
Filipe Brandenburger
3,451621
add a comment |Â
up vote
67
down vote
accepted
up vote
67
down vote
accepted
Both Debian and Ubuntu ship an /etc/sudoers file that contains Defaults env_reset, which resets environment variables.
However, the behavior of env_reset was changed from not touching $HOME to resetting it to the home of the target user.
Ubuntu decided to patch their version of sudo to keep the previous behavior:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/760140
In Ubuntu, in order to reset the $HOME environment variable to the target user, one has to set either Defaults always_set_home or Defaults set_home (in which case only sudo -s will get HOME updated) in their /etc/sudoers.
This bug at Ubuntu tracker has some more rationale on not setting $HOME in sudo:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1373495
See comment #4:
If HOME is removed, then e.g. vim, bash, etc., will use /root/.vimrc,
/root/.bashrc, etc rather than the user's ~/.vimrc, ~/.bashrc, etc.
While it's a bad idea to run X clients via sudo, they too would likely
look in the wrong locations for configuration files, and there's a
chance that X11 clients may not even be able to connect to the X11
server if they are aimed at the wrong .Xauthority file.
It's a conscious decision by Ubuntu developers.
This answer has more details on the sudoers options such as always_set_home:
https://unix.stackexchange.com/a/91572/281844
There's a second issue in your question, which is the sudo echo $HOME which still displays the user's home even in Debian.
That happens because the shell is expanding $HOME before running the sudo command.
So this:
$ sudo echo $HOME
Is first expanded by the shell into:
$ sudo echo /home/user
And then sudo executes echo /home/user as root...
This should demonstrate the difference too:
$ sudo bash -c 'echo $HOME'
/root
Or get a full root shell and see the environment variable there:
$ sudo -s
# echo $HOME
/root
answered Apr 18 at 17:51
Filipe Brandenburger
3,451621
Both Debian and Ubuntu ship an /etc/sudoers file that contains Defaults env_reset, which resets environment variables.
However, the behavior of env_reset was changed from not touching $HOME to resetting it to the home of the target user.
Ubuntu decided to patch their version of sudo to keep the previous behavior:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/760140
In Ubuntu, in order to reset the $HOME environment variable to the target user, one has to set either Defaults always_set_home or Defaults set_home (in which case only sudo -s will get HOME updated) in their /etc/sudoers.
This bug at Ubuntu tracker has some more rationale on not setting $HOME in sudo:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1373495
See comment #4:
If HOME is removed, then e.g. vim, bash, etc., will use /root/.vimrc,
/root/.bashrc, etc rather than the user's ~/.vimrc, ~/.bashrc, etc.
While it's a bad idea to run X clients via sudo, they too would likely
look in the wrong locations for configuration files, and there's a
chance that X11 clients may not even be able to connect to the X11
server if they are aimed at the wrong .Xauthority file.
It's a conscious decision by Ubuntu developers.
This answer has more details on the sudoers options such as always_set_home:
https://unix.stackexchange.com/a/91572/281844
There's a second issue in your question, which is the sudo echo $HOME which still displays the user's home even in Debian.
That happens because the shell is expanding $HOME before running the sudo command.
So this:
$ sudo echo $HOME
Is first expanded by the shell into:
$ sudo echo /home/user
And then sudo executes echo /home/user as root...
This should demonstrate the difference too:
$ sudo bash -c 'echo $HOME'
/root
Or get a full root shell and see the environment variable there:
$ sudo -s
# echo $HOME
/root
answered Apr 18 at 17:51
Filipe Brandenburger
3,451621
edited Apr 18 at 20:58
answered Apr 18 at 17:51
Filipe Brandenburger
3,451621
answered Apr 18 at 17:51
Filipe Brandenburger
3,451621
answered Apr 18 at 17:51
Filipe Brandenburger
3,451621
3,451621
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f438564%2fhow-do-ubuntu-and-debian-manage-home-for-users-with-sudo-privileges%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
