- 
                Notifications
    You must be signed in to change notification settings 
- Fork 37
          Add DEFAULT_PATH to match de-facto Linux standards
          #119
        
          New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Conversation
| I feel like the argument that BSD's install ports to  If this is changed then it should probably be a build time configuration option and not just a new order that is the de-facto standard for linux distributions. | 
| I agree that it's more of an argument for removing  I propose that we make  | 
| Looking over this again, I don't think  I think there should be a new variable like  IMHO doas.c:400 should use that default path, this is where opendoas differes from the BSDs where  Lines 387 to 402 in b96106b 
 This way the behavior of looking up specific binaries doesn't change, but the resulting environment of executed commands reflects the more lax de-facto standard path and is more like the workaround with  | 
| Ah, that makes more sense. In that case I think we're better off removing  | 
| I think changing  I don't think making  The default path for rules that basically permit everything this is different since this is also configurable through  | 
| Understandable, I wasn't really suggesting making  I also agree that deviating from the configuration format is a bad idea... however maybe we can add something which still conforms to the existing format spec? Or maybe we can add an additional config file which is optional but it can be used to change the default path. The latter seems overkill to me since we don't really need it for anything else. For now though let's just make default path configurable at build time, that should satisfy everyone. | 
| The default path is already configurable through  | 
| Maybe I misunderstood what you meant by this: 
 I thought we were going to implement a new  | 
| 
 Correct, and with will still be overwritable with  
 Correct  rules like  | 
| I'm sorry for the confusion, I'll outline what I'm proposing: 
 I hope I'm clear now 😄 | 
| Agreed. | 
safepath to match de-facto Linux standardsDEFAULT_PATH to match de-facto Linux standards
      `DEFAULT_PATH` replaces `safepath` for setting the `PATH` variable in the executed process's environment. `DEFAULT_PATH` follows the de-facto standard of Linux distributions which place `/usr/local` directories before their non-local counterparts in $PATH. Unlike BSD, Linux distributions don't put packaged executables under `/usr/local`, instead it is used by the local user to place their own executables, potentially to replace system executables.
| Just checking in. Is this project still alive? | 
| @Wabuo I don't think so. I've started writing an alternative doas implementation in Rust, the basics are working but I've to implement PAM support so it might be a good replacement once it is released. | 
| Cheers, so I might as well uninstall it again ... @TheDcoder | 
| @Wabuo I was aware of the sudo rewrite project but it does not interest me as I don't like sudo. I wasn't aware of RootAsRole, it is an interesting project taking a novel approach, thanks for sharing. I like doas because it's pretty simple and fits my needs, no need for complex configuration... and you probably should reconsider if you really want to be able to do something as root while logged in as a user if it requires complex configuration which can't be provided by simple instructions in  | 
DEFAULT_PATHreplacessafepathfor setting thePATHvariable in the executed process's environment.DEFAULT_PATHfollows the de-facto standard of Linux distributions which place/usr/localdirectories before their non-local counterparts in $PATH.Unlike BSD, Linux distributions don't put packaged executables under
/usr/local, instead it is used by the local user to place their own executables, potentially to replace system executables.This fixes #117