/sbin:/usr/sbin in mortal's PATH
Stephen John Smoogen
smooge at gmail.com
Sat May 6 21:15:19 UTC 2006
On 5/6/06, jeff <moe at blagblagblag.org> wrote:
> Chris Tyler wrote:
> > The /sbin and /usr/sbin directories contain many utilities that are
> > useful to non-superusers, such as ifconfig, netstat, arp, fuser, lsusb,
> > runlevel, dumpe2fs, hwclock, lsof, traceroute, and many others.
> > Obviously, most of those utilities can do -more- when run as superuser,
> > but that doesn't diminish their value to mortals.
>
> I once asked about this wrt `ifconfig` in #fedora and got lashed as if I
> asked for mp3 support or something...
>
> I believe the correct answer is not to add sbin to users' paths, but to
> move binaries out of sbin and into bin and symlink them so they don't
> break old scripts. By my reading, this is what the FHS implies, but
> there is lots of inertia to such a change.
>
> /sbin: "Utilities used for system administration (and other root-only
> commands) are stored in /sbin, /usr/sbin, and /usr/local/sbin."
> http://www.pathname.com/fhs/pub/fhs-2.3.html#PURPOSE16
>
The 'and' in that sentance is probably incorrect as in (or other
root-only commands). Many of the commands listed in the original
email:
ifconfig, netstat, arp, fuser, lsusb, runlevel, dumpe2fs, hwclock,
lsof, traceroute,
are considered classical system administration commands. The standard
user is not supposed to have any need to use any of them. [In the
sense that if they are using them they are doing system
administraction duties and probably should know what they are doing.]
In some environments letting regular users is highly frowned on or
disallowed (I have had to write a script that basically did a chmod
o-rwx /usr/sbin/* to meet certain security policies). In other
environments.. the exact opposite is the required. The current layout
is sort of the middle ground in my opinion.
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
More information about the fedora-devel-list
mailing list