sudo python environ 环境变量问题

如果用sudo执行python命令的话,会发现import os; os.getenv(“PATH”)得到的变量和普通权限得到的不一致,即使是sudo加上-E参数也没有用。
sudo visudo
Defaults env_reset 改为Defaults !env_reset,注意,加了!号
同时注释掉 Defaults secure_path

既然问题的根源是sudo -E python都无法继承当前的环境变量,那么首先man sudo
-E, –preserve-env
Indicates to the security policy that the user wishes to pre‐
serve their existing environment variables. The security
policy may return an error if the user does not have permis‐
sion to preserve the environment.
感觉这句The security policy may return an error if the user does not have permission to preserve the environment.有问题
于是乎,man sudoers,搜索PATH,发现有这么一段:
By default, the env_reset option is enabled. This causes commands to be
executed with a new, minimal environment. On AIX (and Linux systems
without PAM), the environment is initialized with the contents of the
/etc/environment file. The new environment contains the TERM, PATH,
HOME, MAIL, SHELL, LOGNAME, USER, USERNAME and SUDO_* variables in addi‐
tion to variables from the invoking process permitted by the env_check
and env_keep options. This is effectively a whitelist for environment
variables. Environment variables with a value beginning with () are
removed unless both the name and value parts are matched by env_keep or
env_check, as they will be interpreted as functions by older versions of
the bash shell. Prior to version 1.8.11, such variables were always
因此,sudo visudo,Defaults envreset 改为Defaults !envreset,保险起见,注释掉Defaults securepath

后来似乎搜到了,PYTHONPATH not working for sudo on GNU/Linux (works for root)

Leave a Reply

Your email address will not be published. Required fields are marked *