The Computer Oracle

How to set path for sudo commands

--------------------------------------------------
Rise to the top 3% as a developer or hire one of them at Toptal: https://topt.al/25cXVn
--------------------------------------------------

Music by Eric Matyas
https://www.soundimage.org
Track title: Lost Meadow

--

Chapters
00:00 How To Set Path For Sudo Commands
00:33 Accepted Answer Score 114
01:19 Answer 2 Score 8
01:41 Answer 3 Score 10
02:08 Answer 4 Score 0
02:47 Thank you

--

Full question
https://superuser.com/questions/927512/h...

--

Content licensed under CC BY-SA
https://meta.stackexchange.com/help/lice...

--

Tags
#linux #ubuntu #commandline #path #sudo

#avk47


ACCEPTED ANSWER

Score 114


This is normally set by the secure_path option in /etc/sudoers. From man sudoers:

 secure_path   Path used for every command run from sudo.  If you don't
               trust the people running sudo to have a sane PATH environ‐
               ment variable you may want to use this.  Another use is if
               you want to have the “root path” be separate from the “user
               path”.  Users in the group specified by the exempt_group
               option are not affected by secure_path.  This option is not
               set by default.

To run commands that are not in the default $PATH, you can either

  1. Use the full path: sudo ~/bin/my-command; or

  2. Add the directory containing the command to secure_path. Run sudo visudo and edit the secure path line:

    Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/youruser/bin/"

    Save the file and next time you run sudo, the directory ~/bin will be in its $PATH.



ANSWER 2

Score 10


You can also use sudo env PATH=$PATH ...rest_of_command_here.... Since that's not so convenient to type, I've added an alias alias sudop='sudo env PATH=$PATH'. The sudop (rather than aliasing sudo itself) is a reminder to me to make me aware that I am preserving my current environment path.



ANSWER 3

Score 8


This is what I used for a workaround:

sudo cp $(which my-command) /usr/bin
...

The which command is executed in a subshell that is non-root, so it is able to find my-command, then, sudo copies the executable to a path that the root user can access. Not great for security, but it was ok for me running a docker image that was being destroyed right after the command was run.



ANSWER 4

Score 0


How to symlink or copy an executable to a bin dir that sudo has access to

I'm using a text editor called micro. I ran sudo micro /etc/sysctl.conf and got this error:

sudo: micro: command not found

That's because micro is in my ~/bin dir, but that's a personal bin dir to my user only. To give sudo access to it, I can either symlink it or copy it to /usr/bin as well:

# symlink it (my preference)
# Create a symlink at /usr/bin/micro which points to my personal ~/bin/micro
# executable
sudo ln -si ~/bin/micro /usr/bin

# OR: copy it
sudo cp -i ~/bin/micro /usr/bin

Done. Now when I run sudo micro it works fine.