0

I am running RHEL 7.3, however the procedure may be similar on other Linux systems.

I have logged in as root. I have a file called openrc which is full of lines like export OS_IDENTITY_API_VERSION=3. I'd like to move this file somewhere so it gets automatically loaded when another user logs in using SSH. Having read related threads, I tried adding this using this as a root user, but this only seems to add these values for the root user. When I login as another user, say 'admin01' the values are not loaded. 

echo source /home/admin01/openrc>>~/.bash_profile

I also tried moving this file to /etc/profile.d, but that also seems to load only for root and not for any other user logging in. Can someone PLEASE explain what's going on. 

cp /home/admin01/openrc /etc/profile.d/openrc.sh

The /etc/profile has a warning like this;

# It's NOT a good idea to change this file unless you know what you
# are doing. It's much better to create a custom.sh shell script in
# /etc/profile.d/ to make custom changes to your environment, as this
# will prevent the need for merging in future updates.
Zac
  • 101
  • 2

2 Answers2

0

Name it /etc/profile.d/openrc.sh or use /etc/environment if you need the variables to be defined for daemons as well.

Here's an example (CentOS 7):

# ls -lhaZ /etc/profile.d/
[...]
-rw-r--r--. root root unconfined_u:object_r:bin_t:s0   /etc/profile.d/foo.sh

Contents:

export HISTSIZE=10000
export HISTFILE=~/.bash_history
export HISTCONTROL=ignoredups:ignorespace:erasedups
export HISTTIMEFORMAT="%y-%m-%d %H:%M "

Logged in as a non-root user:

$ set | grep HIST
HISTCONTROL=ignoredups:ignorespace:erasedups
HISTFILE=/home/user/.bash_history
HISTFILESIZE=10000
HISTSIZE=10000
HISTTIMEFORMAT='%y-%m-%d %H:%M '

Using /etc/environment, put the lines into /etc/environment without export.

Keep in mind that you might need to stick to /etc/environment when you aren't using bash or not using bash as a login shell:

https://access.redhat.com/discussions/731373

fuero
  • 9,591
  • 1
  • 35
  • 40
  • Just named it openrc.sh and the file is visible from the new user, but still the values are not exported to bash by default. The /etc/environment file is empty in my system. Forgot to mention that in question. Are there any other things to try? – Zac Jul 28 '17 at 06:35
  • Based on your updated answer, my environment is very similar, the SH file present, but the variables are not loaded on non-root user's shell! Also, my /etc/environment file is EMPTY. No lines. Should I still continue adding all the export lines there? – Zac Jul 28 '17 at 06:49
  • Provide a little more details please. What do you do to find out that they aren't set? – fuero Jul 28 '17 at 06:51
  • I do echo $varName - that's empty. Set | grep like you showed, the variables don't exist there as well. I've tried closing the Putty session and logged back to try. Also tried SSH from the same Putty window, still the same result. – Zac Jul 28 '17 at 06:57
  • 1
    Does the `openrc.sh` have execute permissions? – Tero Kilkanen Jul 28 '17 at 10:39
  • Giving it the right permissions (700) and making the admin01 user the owner of the file in /etc/profile.d, worked. Thanks! – Zac Jul 28 '17 at 19:49
  • changing ownership/permissions of the file in /etc/profile.d is a bad idea and will cause any other user logging in to your system to error on that file. – Joe Jul 28 '17 at 20:03
  • I don't know what you mean. I was able to log in as other users, they simply didn't have the variables loaded. There was no error. – Zac Jul 29 '17 at 20:06
  • I just tested it and indeed did not see an error, nor was one put in a log file I could find. – Joe Aug 01 '17 at 22:06
0

Note that all changes made to /etc/profile and /etc/profile.d will be applied to every user that logs in to the system. Since I have a hunch that this openrc file has authentication credentials, you have to be sure that you actually want this applied to every user. If you only want it applied to certain users, you can copy the file to their home folder and include it in their ~/.profile with a line saying source ~/openrc

Joe
  • 1,043
  • 8
  • 11
  • Or I could simply set chmod 700 and chown admin01 (i.e. for that particular user) to the particular openrc.sh under /etc/profile.d - this way other users can't open the file. Correct? – Zac Jul 29 '17 at 04:53
  • I guess the reason I wouldn't want it in the profile.d folder is tidiness and the purpose of it. profile.d is supposed to be files loaded by every user. In your case, every user does attempt to load the file, lack permissions, and move on (with the exception of root which can see it even though it's owned by admin01). However, it can be confusing later on for someone else who sees it in there but realizes it's not applied. That's why for one offs, it is best to just load it in that user's profile, IMO – Joe Aug 01 '17 at 22:09
  • I guess that was the question. Your statemetn 'include it in their ~/.profile' -how do I include it in that user's ~/.profile from root? It doesn't work when I include the source line, have you tested? – Zac Aug 03 '17 at 17:12
  • Assume you have a user bob whose home folder is /home/bob/ Edit /home/bob/.profile and add a line at the bottom that says `source PATH_TO_FILE` and it will get loaded. Root can edit any file. As long as that .profile file is owned by the bob user then bob will load it. The file being sourced also will need to be readable by bob for it to work. – Joe Aug 03 '17 at 17:34
  • This page is a nice comprehensive explanation of shells, environment variables and profile files: https://www.ibm.com/developerworks/library/l-lpic1-105-1/index.html – Joe Aug 03 '17 at 17:35