Skip to main content

On Linux, how do I set the PATH for non-interactive, non-login shells? e.g. for the case of rksh?

Non-interactive, non-login, shells inherit the PATH from the ssh process, so we must set the PATH with ssh. Some shells, like Korn Shell (ksh, rksh, pksh), only parse user environment files in login shells, so there's no way to change the inherited environment in non-interactive, non-login shells.
  • To set the path globally, build a custom ssh with the needed default path.
  • To set the path for a particular user, first configure ssh to use custom environments by enabling "PermitUserEnvironment" in /etc/ssh/sshd_config: PermitUserEnvironment yes
  • Restart sshd
  • Then set the path in that user's authorized_keys file or using ~/.ssh/environment.
  • Note that you need to set all of the important shell variables. The existence of ~/.ssh/environment seems to preclude the setting of default environmental variable values.
  • So, for example, given a location for binaries for rksh (restricted korn shell), /usr/restricted/bin, place the following in ~/.ssh/environment:
HOME=/home/username
LOGNAME=username
MAIL=/var/mail/username
PATH=/usr/restricted/bin
PWD=/home/username
SHELL=/bin/rksh
SHLVL=1
USER=username
 

  • Note: replace username with the login of the user. Then, optionally, lock down write access to ~/.ssh/environment:
    • Set the classical permissions:
      • chown root:root /home/username/.ssh/environment
      • chmod 644 /home/username/.ssh/environment
    • Or, place file in an restricted SE Linux context and then configure an SE Linux ACL restricting access.
    • Or, set a Posix ACL on the file to limit access.

    Comments

    Popular posts from this blog

    How to fix this ssh error from a Cisco switch: ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits

    Problem ssh user@cisco_switch returns: ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits key_verify failed for server_host_key Solution The modulus of the ssh RSA key pair on the switch is too small. If you have access, generate a new key pair on the switch with a larger modulus. Procedure Login with ssh protocol version 1 ( ssh space dash one ): ssh -1 user@cisco_switch (On the switch): enable (On the switch): Authenticate to "Privileged Exec Mode" mode on the switch. (On the switch): conf t (On the switch): crypto key generate rsa general-keys modulus 1024 (On the switch): Press enter to accept that the current key pair for the switch will be replaced. You now should be able to log into the switch with ssh protocol version 2.

    How do I dual-boot Ubuntu 18.04 on a 2011 Mac Mini?

    Machine Specs: Mac Mini (Mid 2011), Macmini5,2 Core i7 16 GB RAM (2x8 GB) AMD Radeon HD 6630M 256MB 27-inch Apple Thunderbolt Display 512 GB SSD Running macOS 10.13 High Sierra Caution: This process can result in data loss. If you have personal data on the Mac Mini before starting, back it up first. Twice! (One is none. Two is one. ~ U.S. Navy Seal saying).  Also, mistyping in the parts of this process may brick your Mac Mini. You have been warned. If in doubt, stop working and do research on Google until you understand what's going on in the step. If you find an error, please leave a comment. I will update. Note: This is process I figured out in lieu of booting the Ubuntu install with EFI via refind. Via the refind boot method, I would constantly get: 10:39:07 kernel: Couldn't get size: 0x800000000000000e 10:39:07 kernel: MODSIGN: Couldn't get UEFI db list 10:39:07 kernel: Couldn't get size: 0x800000000000000e The error seems to be relate

    Fixing SSH connection problems in EGit in Eclipse

    Note: I posted a version of this on Stack Overflow. Errors can occur when there is an underlying SSH authentication issue, like having the wrong public key on the git remote server or if the git remote server changed its SSH host key. Often the an SSH error will appear as: " Invalid remote: origin: Invalid remote: origin" Eclipse will use the .ssh directory you specify in Preferences -> General -> Network Connections -> SSH2 for its ssh configuration. Set it "{your default user directory}.ssh\" . To fix things, first you need to determine which ssh client you are using for Git. This is stored in the GIT_SSH environmental variable. Right-click on "Computer" (Windows 7), then choose Properties -> Advanced System Settings -> Environment Variables. If GIT_SSH contains a path to plink.exe, you are using the PuTTY stack. To get your public key, open PuTTYgen.exe and then load your private key file (*.ppk). The listed public key sho