> On May 13, 2019, at 2:46 PM, Pete Biggs <pete at biggs.org.uk> wrote: > >> First, the ~ which might not apply to root. > > Why do you think that? '~' is just shell shorthand for user's home > directory.root quite often isn?t recognized as a proper user. ~/.bash_profile isn?t loaded because it?s not a normal login shell when entering `su`.>> Second, it?s a ?personal? init file, which also might not pertain to >> root. > > root is just as much a user as anyone else, albeit one with special > privileges because they are UID 0.So I can?t assume it?s just another user.>> Going from user to root (su) might not initiate a login shell. I?m >> not clear on this. > > Are you logging in? (i.e. typing the username and password at a login > prompt.) If not, then it's not a login shell.Isn?t moving from my own user using su, then prompted for password count as a login?>> >> But, .bash_profile is not loading. >> >> I have my aliases in another file called /root/.bash_aliases, which >> is a duplicate of my /home/myuser/.bash_aliases which is NOW sourced >> in my /root/.bashrc so it now works. >> >> So ya, got it to work, but knowing the cascade of inclusions is >> important. root is as important to me as my normal user. >> > > Yes. If you are going to be playing around as root, then you really > should know the consequences of what you are doing. When I started > using Unix 30mumble years ago, the perceived wisdom was *always* invoke > su as /bin/su, those where the days when '.' was frequently in a users > path and some nasty user might leave scripts called 'su' lying around > waiting for an admin to occidentally execute them. Second, invoke it > as '/bin/su -', that way you clean out any user variables and only have > the environment you have setup for root.man su doesn?t apply to root with regards to the files loaded up upon login. Consequences of reading generic man pages result in more than one option. Cheers, Bee
On Mon, May 13, 2019 at 04:20:17PM -0400, Bee.Lists wrote:> > On May 13, 2019, at 2:46 PM, Pete Biggs <pete at biggs.org.uk> wrote: > > Why do you think that? '~' is just shell shorthand for user's home > > directory. > > root quite often isn?t recognized as a proper user. ~/.bash_profile > isn?t loaded because it?s not a normal login shell when entering > `su`.You'd find that if there's another user account on your system (lets call it "fred"), and you ran 'su fred', it would not load ~fred/.bash_profile either, because it wasn't a login shell. 'root' isn't special here.> Isn?t moving from my own user using su, then prompted for password > count as a login?As you read in the 'bash' man page, files that are loaded with a "login shell" are different from files loaded from a normal shell execution. 'su' has specific syntax for either running a shell as a user or running a login shell as a user. Just typing a password at the prompt doesn't mean it was a login shell. Typically, a 'login shell' is what you get when you log into a system through login: or a graphical login. .bash_profile is loaded once when you log in. It's meant for login stuff. .bashrc is loaded for every shell you start. 'su' is a tool used to switch users, so you are given the option to either start a shell as a user or log in as that user, depending on the situation.> man su doesn?t apply to root with regards to the files loaded up > upon login. Consequences of reading generic man pages result in > more than one option.The 'su' man page explains all of this pretty well I think. Becoming root isn't special, in terms of loading .bash_profile vs. .bashrc. -- Jonathan Billings <billings at negate.org>
On Mon, 2019-05-13 at 16:20 -0400, Bee.Lists wrote:> > On May 13, 2019, at 2:46 PM, Pete Biggs <pete at biggs.org.uk> wrote: > > > > > First, the ~ which might not apply to root. > > > > Why do you think that? '~' is just shell shorthand for user's home > > directory. > > root quite often isn?t recognized as a proper user. ~/.bash_profile > isn?t loaded because it?s not a normal login shell when entering > `su`.If you switch to any other user using 'su', then their .bash_profile isn't loaded (unless you specify that it's a login shell). 'su' doesn't mean "super user" it means "substitute user" - the default happens to be user UID 0.> > > > Second, it?s a ?personal? init file, which also might not pertain to > > > root. > > > > root is just as much a user as anyone else, albeit one with special > > privileges because they are UID 0. > > So I can?t assume it?s just another user.It may not be "just another user", but it *is* a user as much as your login username is a user. You could assign your own username a UID of 0, and it would have the same privileges as 'root', but it would still act as your username. NOTE: doing this is NOT recommended, do not do it, seriously, do NOT do it.> > > > Going from user to root (su) might not initiate a login shell. I?m > > > not clear on this. > > > > Are you logging in? (i.e. typing the username and password at a login > > prompt.) If not, then it's not a login shell. > > Isn?t moving from my own user using su, then prompted for password > count as a login?No. It doesn't. The password prompt is for authentication, not logging in.> > man su doesn?t apply to root with regards to the files loaded up upon > login.Could you explain what you mean by that. P.
On 2019-05-13 16:25, Pete Biggs wrote:> On Mon, 2019-05-13 at 16:20 -0400, Bee.Lists wrote: >>> On May 13, 2019, at 2:46 PM, Pete Biggs <pete at biggs.org.uk> wrote: >>> >>>> First, the ~ which might not apply to root. >>> >>> Why do you think that? '~' is just shell shorthand for user's home >>> directory. >> >> root quite often isn?t recognized as a proper user. ~/.bash_profile >> isn?t loaded because it?s not a normal login shell when entering >> `su`. > > If you switch to any other user using 'su', then their .bash_profile > isn't loaded (unless you specify that it's a login shell).Whole environment of user that invoked su is "inherited" unless it is specified on commend line to get login environment of user one does su into.> 'su' > doesn't mean "super user" it means "substitute user" - the default > happens to be user UID 0.Thanks Pete! This really needs to be repeated, even though whenever su is mentioned I repeat that to my users that it means "substitute user", but now that you mentioned it here it makes this whole thread clear. Valeri> >> >>>> Second, it?s a ?personal? init file, which also might not pertain to >>>> root. >>> >>> root is just as much a user as anyone else, albeit one with special >>> privileges because they are UID 0. >> >> So I can?t assume it?s just another user. > > It may not be "just another user", but it *is* a user as much as your > login username is a user. You could assign your own username a UID of > 0, and it would have the same privileges as 'root', but it would still > act as your username. NOTE: doing this is NOT recommended, do not do > it, seriously, do NOT do it. > >> >>>> Going from user to root (su) might not initiate a login shell. I?m >>>> not clear on this. >>> >>> Are you logging in? (i.e. typing the username and password at a login >>> prompt.) If not, then it's not a login shell. >> >> Isn?t moving from my own user using su, then prompted for password >> count as a login? > > No. It doesn't. The password prompt is for authentication, not logging > in. > >> >> man su doesn?t apply to root with regards to the files loaded up upon >> login. > > Could you explain what you mean by that. > > P. > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >-- ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
On 13/05/2019 22:25, Pete Biggs wrote:> On Mon, 2019-05-13 at 16:20 -0400, Bee.Lists wrote:<snip>> > It may not be "just another user", but it *is* a user as much as your > login username is a user. You could assign your own username a UID of > 0, and it would have the same privileges as 'root', but it would still > act as your username. NOTE: doing this is NOT recommended, do not do > it, seriously, do NOT do it. ><snip>> P. > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >Shame that "security experts" regularly recommend using another name for the root account - security through obscurity anyone? -- J Martin Rushton MBCS -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20190513/d16cb981/attachment-0002.sig>
But it is different. Significantly different. I?d rather just use ?su? and have the login sequence trip the loading of my aliases. Moving this to .bashrc has solved that. That?s what I was asking.> On May 13, 2019, at 4:37 PM, Jonathan Billings <billings at negate.org> wrote: > > The 'su' man page explains all of this pretty well I think. Becoming > root isn't special, in terms of loading .bash_profile vs. .bashrc.Cheers, Bee
su does not load .bash_profile and therefore is a completely different application than with any other user. This one is different, considering .bash_profile is indeed used for logins for other users.> On May 13, 2019, at 5:25 PM, Pete Biggs <pete at biggs.org.uk> wrote: > >> >> man su doesn?t apply to root with regards to the files loaded up upon >> login. > > Could you explain what you mean by that.Cheers, Bee