[Nottingham] TMPDIR weirdness with X logins
Robert Davies
nottingham at mailman.lug.org.uk
Thu Sep 11 16:19:01 2003
On Thursday 11 Sep 2003 09:08, Robert Postill wrote:
> This is one of those peculiarities that sometimes come along almost with
> the express job of making you look stupid :). Basically it's a question
> of login shell or not login shell. When you login to a console, you're
> in a login shell and therefore get the bash_profile settings. When
> you're using a window manager (and it should be true for all window
> managers) and you kick off konsole or xterm or whatever, that's a
> subshell. The login shell is designed to be run once, subshells many
> times per session with the machine. For example your login shell may
> contain a diary/alert daemon, that gets run once and stays resident for
> your session. You wouldn't want that run every time you kicked off an
> xterm session, you'd just be plundering the machines resources. So you
> get a subshell.
>
> Clear as mud now? :)
I know the bash_profile is getting run once (remember original reference to
debug log), even though login is via kdm.
Because of the difference generally ENVIRONMENT should be set in .profile /
.login, and not .bashrc / .cshrc files, so programs can bequeath
modifications to sub-processes where needed. There were options on DEC
Ultrix and Sun/BrokenWindows to select login shell for each terminal window,
though this is wrong for other reasons (where a user really wants something
run only on initial login and logout eg) find jobs clearing up files).
What's happening, I think is that xterm and other emulators, have black
listing of some environmentals. These programs need suid/sgid privileges to
write to utmp & wtmp. It's right to alter the environment when you have
privileges to avoid security problems eg) LD_PRELOAD etc. It would be though
a lot more right, for these GUI programs starting shells for users, to
restore the original settings, plus their essential modifications eg)
TERM=xterm, after they have permanently revoked their suid/sgid-ness, in the
child fork that's about to exec the non-login shell.
Actually bash only runs .bashrc for interactive processes, which avoids the
csh problem where shell scripts have forgetten -f, and could have operation
interfered with by environment assignments in .cshrc (it's traditional to
test if shell is interactive there to avoid issues). So that mitigates the
problem, though if I start a sub-shell like this :
env TMPDIR=/var/tmp PATH=/bin:/usr/bin \
LD_LIBRARY_PATH=/opt/broken_commercial_pkg/lib bash
I really do not expect or want, LD_*, PATH and TMPDIR to get reset anyway, by
.bashrc. Sometimes it's nice for a program system to just setup necessary
environment, when you need to use it and return you to an interactive shell,
rather than force, you to carry it's baggage set per-user in every single
shell they ever start. Without that you can get conflict problems, where 3rd
party packages have command name clashes.
I thought someone on the list, might happen to have been bitten by this stuff
and know, or have a reference on the web to some info, which explains what
get's modged, by what and why.
Rob