I’m finding an odd problem with sudo since this update.
my ~/.zshrc for both my user and root extend the $PATH variable so it’s easy to run my locally-written scripts in ~/bin. But since updating, sudo no longer finds scripts in my ~/bin directory.
Running sudo echo $PATH returns the PATH as I would expect it, but sudo env | grep PATH only returns /usr/local/sbin:/usr/local/bin:/usr/bin, so it appears that sudo is neither preserving my user’s $PATH nor picking up $PATH from /root/.zshrc
Running sudo konsole or sudo xterm and then trying to run a command in my ~/bin directory works, so somehow that’s picking up the .zshrc.
I’ve tried downgrading sudo (as that was updated in this upgrade) but this made no difference (even tried rebooting in case that made a difference). I’m now stumped.
OK, I’ve solved this. In /etc/sudoers, Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/bin" was uncommented. It hadn’t been beforehand. Though I’m not sure why that didn’t get restored to its original state when I downgraded sudo.
I normally do this. As far as I can make out, /etc/sudoers had that line commented out from when it was installed, and got changed by the upgrade. Though I’m not sure that commenting it out in a sudoers.d file would have the effect of overriding the uncommented line in /etc/sudoers. (Though I suppose setting the path in there would do it).
Don’t do this. This is security relevant, and together with path and alias, (which have some internal protection) can lead to privilege escalation. It is good someone finally decided to correct the default setting.
It is not a big deal to type ./ in front of your custom script.
