My program needs some local environment variables while running as root to perform certain tasks. Would it be fine to write a subroutine that can change users sudoers to keep these variables? It's not only going to run on my personal computer, it will run on many users computers. The environment variables I need are mainly DESKTOP_SESSION or any of its variants and QT_X11_NO_MITSHM
Asked
Active
Viewed 113 times
1 Answers
3
Writing a subroutine that modifies system files (/etc/sudoers or any other really) whenever your program runs is a bad design idea.
The more graceful solution is that when you build and package your program for specific Linux distributions, such as for instance RHEL/CentOS 6 & 7, Ubuntu 16 & 18, you make use of and install a drop in configuration snippet in /etc/sudoers.d/program-name that will ensure that the specific sudo settings you need (such as protecting specific environment variables) are applied whenever your program runs.
HBruijn
- 77,029
- 24
- 135
- 201
-
Woah that's awesome! Didn't know we could do that. Might you know an example for debian based distros like ubuntu? – answerSeeker May 29 '18 at 05:25
-
The drop-in file can contain all the same directives you would set in `/etc/sudoers` so if you were thinking of something along the lines of `env_keep += "DESKTOP_SESSION QT_X11_NO_MITSHM"` simple create a file with that a line like that. – HBruijn May 29 '18 at 07:25
-
So basically I need to create a file with name of the program under /etc/sudoers.d/ with the line env_keep += "DESKTOP_SESSION QT_X11_NO_MITSHM. Executing the program again with sudo will allow it access to the variables? – answerSeeker May 29 '18 at 18:16
-
1Thanks for the help. It wasn't working earlier but I added a tab space after prepending Defaults and it worked! What I did `Defaults env_keep += "DESKTOP_SESSION"` – answerSeeker May 29 '18 at 18:55