[bug#31112] Patching the default PATH of `su`

[Ludovic Courtès]

Hey Leo,

Leo Famulari <address@hidden> skribis:

> I've attached a patch that sets the variables in /etc/login.defs.
>
> The resulting PATH only includes "system" packages, which are found in
> /run/current-system and /run/setuid-programs.
>
> It would be better if it also included the user-specific programs in
> ~/.guix-profile, but I don't think this is possible without patching
> `su` to look up usernames.
>
> Shell variables are not expanded by `su`, so using $HOME doesn't work.
> And I'm not sure how to use /var/guix/profiles/per-user without making
> `su` look up usernames.
>
> Nevertheless, I think it's an improvement, although maybe it's less
> confusing for the PATH to be totally wrong than merely missing the
> user's packages. WDYT?

I think the patch is an improvement.

I don’t see how we could add the user ~/.guix-profile as well,
especially since there’s no central place that parses ‘login.defs’
(Shadow has its own parser in lib/getdef.c).

BTW, for a similar reason, OpenSSH’s ‘scp’ doesn’t work when the remote
machine runs GuixSD, even if OpenSSH is in the user’s profile.

> With the attached patch, I tested mingetty and agetty's login, as well
> as OpenSSH sshd login, and everything seemed to work — this changes
> should have no effect in those cases because it affects non-login shells
> only.

Great.

> AFAICT, `su` doesn't use this. The relevant code is below; it hard-codes
> the fall-back PATHs rather than refer to libc.

OK.

> From dc5098edd98c85ad45d2e22ca1824a9445dcc36d Mon Sep 17 00:00:00 2001
> From: Leo Famulari <address@hidden>
> Date: Sun, 8 Apr 2018 14:30:05 -0400
> Subject: [PATCH] system: Provide a fall-back PATH for non-login shells started
>  with su(1).
>
> * gnu/system.scm (operating-system-etc-service): Provide values for
> ENV_PATH and ENV_SUPATH in '/etc/login.defs'.

So LGTM, thank you!

Ludo’.