0

This occurs on many systems and I expect someone has a solution for it.

The PATH environment variable is a major part of security issues. For sanity's sake, the path portion of the .zshrc looks like:

# Set Path
PATH_RUBY="/usr/local/opt/ruby/bin:/usr/local/lib/ruby/gems/3..0/bin"
PATH_TREESITTER="$HOME/p/na/ts/tree_sitter_na/node_modules/.bin"
PATH_CONDA="/usr/local/anaconda3/bin"
PATH_CARGO=".cargo/bin"
PATH_TEX="/usr/texbin:/opt/X11/bin"
PATH_HOME="$HOME/bin:$HOME"
PATH_OSX="/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin"
export PATH="$PATH_RUBY:$PATH_CONDA:$PATH_TREESITTER:$PATH_CARGO:$PATH_TEX:$PATH_HOME:$PATH_OSX"

While I can check the path munging to be sure that no full directory is repeated in the path, is there a function anyone has written to list conflicts? I am trying to guard against some unchecked installation of a tool like TreeSitter having its own ssh command, which would execute instead of the later /usr/bin/ssh. This tool would both add to security and also untangle badly done installations.

That is, I want a tool like:

$ checkpath
.../p/na/tree_sitter_na/node_modules/.bin/ssh occludes /usr/bin/ssh
$
  • What you want is not exactly clear. You already have a way of making sure that each directory is only added to `$PATH` once and then you want to see if there is a binary or executable of the same name that appears in multiple locations. If this is a system that you manage and where you have sudoer rights, then you can simply `su` to the user and run whereis if you are looking for a specific executable or, if that's too tedious, use a tool like `printf` on the listed directories to send their contents to `stdout` which can then be parsed for duplicates. – Nasir Riley Apr 11 '23 at 04:07
  • Writing the tool is a doable project. A quick and dirty approach would be "ls for all directories in $PATH | sort | uniq" and then do work to print nice errors. I was seeing if this already was written somewhere. :) – Charles Merriam Apr 14 '23 at 01:30
  • Could you point out what is not clear? I want a list of occluded executables and what is executed instead. – Charles Merriam Apr 14 '23 at 01:32

1 Answer

1

In zsh, type -a will list all occurrences of a command in the PATH. The first one in the list is the 'active' match:

> type -a pwd
pwd is a shell builtin
pwd is /bin/pwd
> cp /bin/ls ~/bin
> type -a ls
ls is /bin/ls
ls is /Users/gairfowl/bin

More info here.


There are some very useful features in zsh to help manipulate paths. With 'tied' variables, the executable search path can be referenced via either the PATH scalar or the path array:

> print $PATH
/usr/bin:/bin
> path+=/sbin
> print $PATH
/usr/bin:/bin:/sbin
> print -l $path
/usr/bin
/bin
/sbin

PATH and path are set up this way by default. Other variables can be configured as tied variables, e.g. typeset -T LD_LIBRARY_PATH ld_library_path.

The -U option to typeset can be used to set variables so that they do not contain duplicates:

> print $PATH
/usr/bin:/bin
> path+=/sbin
> path+=/sbin
> print $PATH
/usr/bin:/bin:/sbin:/sbin
> typeset -U PATH path
> print $PATH
/usr/bin:/bin:/sbin

You may also want to look at the :a expansion modifier to get the absolute path from a relative path.

Gairfowl
  • 126
  • 1
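One way to write the `checkpath` tool the question asks for, added here as an example (it is not code from the question or the answer). It is a POSIX sh script rather than a zsh function, because zsh does not word-split unquoted variables by default; beyond the requested "occludes" report it also flags relative or empty PATH entries such as `.cargo/bin`, and the demo directories at the end are constructed.

```shell
#!/bin/sh
# checkpath [PATH_STRING]  (defaults to the current $PATH)
# Prints "<winner> occludes <loser>" on stdout for every executable whose name
# already appeared in an earlier PATH directory. Relative or empty entries,
# which resolve against the current directory, are reported on stderr.
checkpath() (
    path_string="${1-$PATH}:"   # trailing ':' keeps a final empty entry visible
    set -f; IFS=:               # split on ':' only, without globbing
    set -- $path_string
    set +f; unset IFS
    for dir in "$@"; do
        case $dir in
            /*) ;;
            *)  printf 'warning: relative or empty PATH entry "%s"\n' "$dir" >&2
                [ -n "$dir" ] || dir=. ;;
        esac
        for file in "$dir"/*; do
            # PATH lookup skips directories and non-executable files, so do we.
            if [ -f "$file" ] && [ -x "$file" ]; then
                printf '%s\t%s\n' "${file##*/}" "$file"
            fi
        done
    done | awk -F '\t' '
        !($1 in first)  { first[$1] = $2; next }   # earliest entry is what runs
        $2 != first[$1] { print first[$1] " occludes " $2 }   # skip repeated dirs
    '
)

# Constructed demo: two throwaway directories that both provide "ssh".
demo=$(mktemp -d)
mkdir "$demo/tools" "$demo/sys"
touch "$demo/tools/ssh" "$demo/sys/ssh"
chmod +x "$demo/tools/ssh" "$demo/sys/ssh"
checkpath "$demo/tools:$demo/sys"
rm -rf "$demo"
```

It compares file names only, so shell builtins, aliases and functions, which `type -a` does report, are outside its view.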