Environment variables when run with 'sudo'
Solution 1
Environment variables can be simply passed after sudo
in form ENV=VALUE and thay'll be accepted by followed command. It's not known to me if there are restrictions to this usage, so my example problem can be solved with:
sudo LD_LIBRARY_PATH=/opt/intel/mkl/lib/ia32:$LD_LIBRARY_PATH LD_PRELOAD=/opt/intel/mkl/lib/ia32/libmkl_core.so python -c "import numpy"
Solution 2
The -E
option you mention seems to work just fine:
enzotib@host:~$ export DUMMY=dummy
enzotib@host:~$ sudo -E sh -c 'echo $DUMMY'
dummy
enzotib@host:~$ sudo -E env | grep DUMMY
DUMMY=dummy
Solution 3
You can use -E
sudo option to preserve current environment (if you have rights to do that)
$ man sudo
-E, --preserve-env
Indicates to the security policy that the user wishes to preserve
their existing environment variables. The security policy may
return an error if the user does not have permission to preserve
the environment.
Solution 4
You need to edit your sudoers
by sudo visudo
as possibly you've security policy plugin enabled which overrides your PATH
by secure_path
option. So add the path to the list and you can also use env_keep
instead, for example:
Defaults env_reset
Defaults env_keep += "PATH PYTHONPATH"
To check if your PATH
is overridden, run the following command:
$ sudo sudo -V | grep PATH
Value to override user's $PATH with: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
See also: Why are PATH variables different when running via sudo and su? at Unix SE
Solution 5
This works for me (~/.bashrc
):
alias sudo='sudo env PATH=$PATH VAR1=SOME_VALUE VAR2=SOME_VALUE...'
Source: As per OP edit
zetah
Updated on September 18, 2022Comments
-
zetah over 1 year
As example to my question, my
~/.bashrc
file contains this lines:export LD_LIBRARY_PATH=/opt/intel/mkl/lib/ia32:$LD_LIBRARY_PATH export LD_PRELOAD=/opt/intel/mkl/lib/ia32/libmkl_core.so
so that Numpy (Python) could find libraries that it needs to run, as it's build with MKL and Intel compilers. This workflow isn't the best, but that's another story.
My question is how can I pass arbitrary variables (like those in
~/.bashrc
) when I run program with 'sudo' (but not root)?Currently, if I run:
sudo python -c "import numpy"
I get an error:
ImportError: libimf.so: cannot open shared object file: No such file or directory*
Some suggestions as
sudo -i
orsudo -E
does not change anything here.
Edit:
I can't answer my question (not enough points :D ) but I'll comment here, in a hope that there are other Linux newbies wondering about
sudo
traps.[Only temporarily!] This works for me (
~/.bashrc
):alias sudo='sudo env PATH=$PATH VAR1=SOME_VALUE VAR2=SOME_VALUE...'
-
zetah over 12 yearsSorry, but I don't understand your answer. Can you provide example on scenario I posted above? i.e. to be able to run
sudo python -c "import numpy"
withLD_LIBRARY_PATH
andLD_PRELOAD
defined as written above? -
enzotib over 12 years@zetah: ok, i'm wrong, because it works for generic variable, but not for dymanic linking controlling variables, as stated in section
SECURITY NOTES
ofsudo
manual page. -
zetah over 12 yearsIt is simpler then that (as in provided answer), although
man sudo
does not make it clear, and when user tries to follow references pointed there, it is very easy to be discouraged by all branches needed to be followed, to be able to decrypt supposed meaning. -
ses about 10 years
-
Zanna about 6 years+1, but
env_keep
does not work on PATH (in the sense thatsudo
still usessecure_path
when looking for the command) -
Zanna about 6 yearsthis works, but it is a bad idea because it makes running
sudo
less safe -
DarkCygnus over 5 yearsStill today this worked for me, on my Raspbian Jessy for my RPi 3 ... after almost a week breaking my head why didn't my script ran on startup. Thanks a lot!
-
CvRChameleon over 3 yearsExtremely useful, this works to populate a variable inside Docker Container as well where I require sudo.