6
3
I've noticed that the root account $PATH does not include /usr/local/bin or /usr/local/sbin by default. Are there any potential issues that could arise from adding those directories to the path? If so, what is the best way to make sure your shell finds executables in those directories, without affecting the stability and security of the system?
jmlane
Posted 2011-03-02T17:24:02.937
Reputation: 217
7
Make sure that the write permissions on the directories and files are reasonable. You don't want "Other" to be able to write there. File owner and group are also very important. You don't want someone adding or changing something that will be executed under root privileges but that may do something either malicious or have unintended consequences.
Adding those directories to the end of the PATH is safer, but doing that doesn't give you the opportunity to have local overrides of standard utilities. There are pluses and minuses to either approach.
If you leave them out of root's PATH, you can still specify the absolute path explicitly.
Paused until further notice.
Posted 2011-03-02T17:24:02.937
Reputation: 86 075
2
/usr/local/bin and /usr/local/sbin are generally reserved for user-installed executables. Add them to the end of your path, just in case you're concerned about conflicts. The packages for your distribution should place binaries in /usr/bin and /usr/sbin.
Short version: add the paths to the end of your current path, and you should be fine.
8BitsOfGeek
Posted 2011-03-02T17:24:02.937
Reputation: 1 744
1Very comprehensive answer. I neglected to consider the user/group permissions on the
/usr/localtree. I rather err on the side of having only executables in the root $PATH that root alone could have put there/changed. – jmlane – 2011-03-03T16:04:45.103