PATH environment variable behavior when switching users with vs. without login


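When I log in as a user and then switch to another user, the PATH environment variable changes depending on whether the switch is done with or without login. See the following snippet.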

$ ssh -i ~/.ssh/ubuntu.pem [email protected]
ubuntu@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
/usr/local/sbin
/usr/sbin
/sbin
ubuntu@kingdom:~$ sudo su -l foo # with login
foo@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
foo@kingdom:~$ exit
logout
ubuntu@kingdom:~$ sudo su foo # without login
foo@kingdom:/home/ubuntu$ echo $PATH | tr ':' '\n' | grep sbin
/usr/local/sbin
/usr/sbin
/sbin
foo@kingdom:/home/ubuntu$ exit
exit

$ ssh -o -i ~/.ssh/foo.pem [email protected]
foo@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
/usr/local/sbin
/usr/sbin
/sbin
foo@kingdom:~$ sudo su -l ubuntu
ubuntu@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
ubuntu@kingdom:~$

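As you can see, when I log in to the Ubuntu box as the ubuntu user and check PATH, the /sbin entries are there. When I switch to user foo and check PATH, it is affected depending on whether -l (for login) was specified for the switch. With login, PATH is affected and /sbin is not present. This does not happen when login is skipped while switching users.

Notice that when I connect to the Ubuntu box as user foo, PATH has /sbin. When I then switch to user ubuntu with login, PATH does not have /sbin for ubuntu.

By the way, I am using bash.

I also tried deleting some of the user's bash and profile configuration, but it did not help. See below.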

ubuntu@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
ubuntu@kingdom:~$ sudo rm /home/foo/.bash /home/foo/.bashrc /home/foo/.profile
ubuntu@kingdom:~$ sudo su -l foo
foo@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
foo@kingdom:~$ exit
logout
ubuntu@kingdom:~$ sudo rm -rf /etc/profile.d/
ubuntu@kingdom:~$ sudo su -l foo
foo@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
foo@kingdom:~$ exit
logout
ubuntu@kingdom:~$ cat /etc/environment
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games"

Update (TL;DR):

ubuntu@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
/usr/local/sbin
/usr/sbin
/sbin
ubuntu@kingdom:~$ sudo su ubuntu
ubuntu@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
/usr/local/sbin
/usr/sbin
/sbin
ubuntu@kingdom:~$ exit
exit
ubuntu@kingdom:~$ sudo su -l ubuntu
ubuntu@kingdom:~$ echo $PATH | tr ':' '\n' | grep sbin
ubuntu@kingdom:~$ exit
logout

Update 2:

It was mentioned in the comments to print the value of PATH. So for each file in the read chain, I print PATH at the first and last line of each file. Now I am more confused. See the snippet below.

$ ssh -i ~/.ssh/ubuntu.pem [email protected]
/etc/profile: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
/etc/bash.bashrc: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
/etc/bash.bashrc: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
/etc/profile: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
/home/ubuntu/.profile: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
/home/ubuntu/.bashrc: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
/home/ubuntu/.bashrc: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
/home/ubuntu/.profile: /home/ubuntu/bin:/home/ubuntu/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin

ubuntu@kingdom:~$ sudo su -l ubuntu
/etc/profile: /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
/etc/bash.bashrc: /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
/etc/bash.bashrc: /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
/etc/profile: /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/snap/bin
/home/ubuntu/.profile: /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/snap/bin
/home/ubuntu/.bashrc: /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/snap/bin
/home/ubuntu/.bashrc: /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/snap/bin
/home/ubuntu/.profile: /home/ubuntu/bin:/home/ubuntu/.local/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/snap/bin
ubuntu@kingdom:~$ exit
logout

ubuntu@kingdom:~$ sudo su ubuntu
/etc/bash.bashrc: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
/etc/bash.bashrc: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
/home/ubuntu/.bashrc: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
/home/ubuntu/.bashrc: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games

  1. Why does it behave that way?
  2. How can I debug this and make sure that PATH will keep /sbin when switching to a user with login?

Answer 1

Have a look at man bash to see which configuration files are read, as determined by the -l option.

INVOCATION
   A login shell is one whose first character of argument zero is a -, or one started with the --login option.

   An interactive shell is one started without non-option arguments and without the -c option whose standard input and error are both connected to  ter‐
   minals (as determined by isatty(3)), or one started with the -i option.  PS1 is set and $- includes i if bash is interactive, allowing a shell script
   or a startup file to test this state.

   The following paragraphs describe how bash executes its startup files.  If any of the files exist but cannot be read, bash reports an error.   Tildes
   are expanded in filenames as described below under Tilde Expansion in the EXPANSION section.

   When  bash is invoked as an interactive login shell, or as a non-interactive shell with the --login option, it first reads and executes commands from
   the file /etc/profile, if that file exists.  After reading that file, it looks for ~/.bash_profile, ~/.bash_login, and ~/.profile, in that order, and
   reads  and executes commands from the first one that exists and is readable.  The --noprofile option may be used when the shell is started to inhibit
   this behavior.

   When a login shell exits, bash reads and executes commands from the file ~/.bash_logout, if it exists.

   When an interactive shell that is not a login shell is started, bash reads and executes commands from /etc/bash.bashrc and ~/.bashrc, if these  files
   exist.  This may be inhibited by using the --norc option.  The --rcfile file option will force bash to read and execute commands from file instead of
   /etc/bash.bashrc and ~/.bashrc.

   When bash is started non-interactively, to run a shell script, for example, it looks for the variable BASH_ENV in the environment, expands its  value
   if it appears there, and uses the expanded value as the name of a file to read and execute.  Bash behaves as if the following command were executed:
          if [ -n "$BASH_ENV" ]; then . "$BASH_ENV"; fi
   but the value of the PATH variable is not used to search for the filename.

   If  bash is invoked with the name sh, it tries to mimic the startup behavior of historical versions of sh as closely as possible, while conforming to
   the POSIX standard as well.  When invoked as an interactive login shell, or a non-interactive shell with the --login option,  it  first  attempts  to
   read  and  execute  commands  from  /etc/profile  and  ~/.profile, in that order.  The --noprofile option may be used to inhibit this behavior.  When
   invoked as an interactive shell with the name sh, bash looks for the variable ENV, expands its value if it is defined, and uses the expanded value as
   the  name of a file to read and execute.  Since a shell invoked as sh does not attempt to read and execute commands from any other startup files, the
   --rcfile option has no effect.  A non-interactive shell invoked with the name sh does not attempt to read any other startup files.  When  invoked  as
   sh, bash enters posix mode after the startup files are read.

   When bash is started in posix mode, as with the --posix command line option, it follows the POSIX standard for startup files.  In this mode, interac‐
   tive shells expand the ENV variable and commands are read and executed from the file whose name is the expanded value.  No other  startup  files  are
   read.

   Bash  attempts to determine when it is being run with its standard input connected to a network connection, as when executed by the remote shell dae‐
   mon, usually rshd, or the secure shell daemon sshd.  If bash determines it is being run  in  this  fashion,  it  reads  and  executes  commands  from
   ~/.bashrc and ~/.bashrc, if these files exist and are readable.  It will not do this if invoked as sh.  The --norc option may be used to inhibit this
   behavior, and the --rcfile option may be used to force another file to be read, but neither rshd nor sshd  generally  invoke  the  shell  with  those
   options or allow them to be specified.

   If the shell is started with the effective user (group) id not equal to the real user (group) id, and the -p option is not supplied, no startup files
   are read, shell functions are not inherited from the environment, the SHELLOPTS, BASHOPTS, CDPATH, and GLOBIGNORE variables, if they  appear  in  the
   environment,  are ignored, and the effective user id is set to the real user id.  If the -p option is supplied at invocation, the startup behavior is
   the same, but the effective user id is not reset.

The two paragraphs that answer your question are:

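When bash is invoked as an interactive login shell, or as a non-interactive shell with the --login option, it first reads and executes commands from the file /etc/profile, if that file exists. After reading that file, it looks for ~/.bash_profile, ~/.bash_login, and ~/.profile, in that order, and reads and executes commands from the first one that exists and is readable. The --noprofile option may be used when the shell is started to inhibit this behavior.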

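When an interactive shell that is not a login shell is started, bash reads and executes commands from /etc/bash.bashrc and ~/.bashrc, if these files exist. This may be inhibited by using the --norc option. The --rcfile file option will force bash to read and execute commands from file instead of /etc/bash.bashrc and ~/.bashrc.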
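
The startup-file rules in the two paragraphs above can be checked empirically. The following is an added example, not part of the original question or answer: it points HOME at a scratch directory and records which per-user files bash sources in each invocation mode. The function names `make_home`, `trace_startup` and `demo` are hypothetical, and it assumes `bash` and `mktemp` are on PATH.

```shell
#!/bin/sh
# Added example: trace which per-user startup files bash reads in each mode.
# HOME points at a throwaway directory, so real dotfiles are never touched.

# make_home: create a scratch HOME whose startup files each log their own name.
make_home() {
    home=$(mktemp -d) || return 1
    for f in .bash_profile .bash_login .profile .bashrc; do
        # Each file appends its name to $TRACE_FILE when bash sources it.
        printf 'echo %s >> "$TRACE_FILE"\n' "$f" > "$home/$f"
    done
    printf '%s\n' "$home"
}

# trace_startup HOME [bash options...]: run bash in a clean environment and
# print the per-user files it sourced, space separated, in the order read.
trace_startup() {
    home=$1; shift
    : > "$home/trace"
    # env -i drops BASH_ENV, SSH_CLIENT and everything else that could
    # change which files are read; only HOME, TRACE_FILE and PATH remain.
    env -i HOME="$home" TRACE_FILE="$home/trace" PATH="$PATH" \
        bash "$@" -c : </dev/null >/dev/null 2>&1 || true
    tr '\n' ' ' < "$home/trace" | sed 's/ $//'
}

demo() {
    h=$(make_home) || return 1
    echo "login shell:              $(trace_startup "$h" --login)"
    rm "$h/.bash_profile"
    echo "login, no .bash_profile:  $(trace_startup "$h" --login)"
    echo "interactive, non-login:   $(trace_startup "$h" -i)"
    echo "non-interactive:          $(trace_startup "$h")"
    rm -rf "$h"
}
demo
```

The system-wide files (/etc/profile, /etc/bash.bashrc) are still read from the host when they exist; only the per-user files are traced here.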
