sshd default user PATH
Thu Aug 14 12:28:00 GMT 2014
Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> On other systems sshd sets $PATH to "/usr/bin:/bin:/usr/sbin:/sbin", but
> on Cygwin it doesn't change $PATH and just takes what it got from
> cygrunsrv so as not to break the search path for DLLs not in the system
I'm running Cygwin since years with all traces of the Windows path
deliberately deleted and never hit any problem. That would be different if
I tried to mix windows applications in, but I prefer to have wrapper scripts
for those anyway.
> So this is kind of a cygrunsrv problem. It simply appends /bin to
> $PATH, rather than prepending it.
Ah, I was wondering where that comes from since nothing in sshd does it. So
sshd just takes over the environment as set up by cygrunsrv? Then it might
be a lot easier to just tell cygrunsrv what to put into PATH.
> Right, /etc/default/login and, fwiw, any method to change $PATH from the
> default path is disabled on Cygwin deliberately for the reason outlined
Thanks for confirming, after staring at the configure output for a while
I've finally found that #ifdef in the source...
> It's not that simple. It requires a code change in sshd. However,
> maybe the rigorous handling is not required anymore these days.
May not be necessary anyway.
> Anyway, even if I re-enable /etc/default/login and the standard PATH
> handling in sshd, there's no way to set an arbitrary environment. For
> security reasons, sshd is very selective in the environment variables it
> sets up. From /etc/default/login, it takes *only* PATH and UMASK,
> for instance. Everything else should be set in the shell profiles.
I really only need PATH at the moment. If I bounce commands directly onto
the server without going through a login shell nothing really works as
expected at the moment since Cygwin is last in path. I don't want to add
Cygwin to the Windows path for other reasons and I really don't have control
what else gets added there and in which order.
> So, here's what I'll do:
> - Change cygrunsrv to prepend /bin to $PATH rather then appending it.
I would appreciate if it could (optionally) look in some configuration file
(/etc/environment ?) and use PATH as defined there and store the path as set
up in Windows in ORIGINAL_PATH (like done in /etc/profile, where this is
conditional on CYGWIN_NOWINPATH being present).
> - Drop the Cygwin specific ignorance of /etc/default/login from the
> source code and build a new OpenSSH package.
> Does that sound ok?
Very much. If the environment can be controlled via cygrunsrv, then the
changes to sshd might not be necessary. I've just tried using "-e
PATH=/bin" in the sshd service startup, but PATH still seems to be
hardcopied from Windows (the setting is ignored if the environment variable
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin