/etc/profile
[code]
/etc/profile: system-wide .profile file for the Bourne shell (sh(1))
and Bourne compatible shells (bash(1), ksh(1), ash(1), …).
if [ “id -u
” -eq 0 ]; then
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
else
PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games"
fi
export PATH
if [ “$PS1” ]; then
if [ “$BASH” ] && [ “$BASH” != “/bin/sh” ]; then
# The file bash.bashrc already sets the default PS1.
# PS1=’\h:\w$ ‘
if [ -f /etc/bash.bashrc ]; then
. /etc/bash.bashrc
fi
else
if [ “id -u
” -eq 0 ]; then
PS1=’# ‘
else
PS1=’$ '
fi
fi
fi
The default umask is now handled by pam_umask.
See pam_umask(8) and /etc/login.defs.
if [ -d /etc/profile.d ]; then
for i in /etc/profile.d/*.sh; do
if [ -r $i ]; then
. $i
fi
done
unset i
fi[/code]
Le $PATH,$PS1 prompt ($/#) sont affectés selon l’id.
Passage qui nous intéresse :
if [ “id -u
” -eq 0 ] : si la commande id -u retourne 0, root est de la partie.
Variable $EUID
Test à blanc de hack innocent
$ export EUID=0
bash: EUID: readonly variable
$ man bash
EUID Expands to the effective user ID of the current user, initialized at shell startup. This variable is readonly.[/code]
readonly, lecture seule, pas hackable ...
L'une des différence entre sudo et su réside dans les log.
L'activité de su et de sudo ne se confondent pas.
su : login
sudo : logging
Login, ([i]a log IN/log OUT[/i]), s'identifier, s'authentifier, se connecter, commencer session.
Logging :frowning:[i]to log a log[/i]) enregistrer rapport d'activité.
$ man sudoers
[code]LOG FORMAT
sudoers can log events using either syslog(3) or a simple log file. In each case the log format is almost
identical.
Accepted command log entries
Commands that sudo runs are logged using the following format (split into multiple lines for readability):
date hostname progname: username : TTY=ttyname ; PWD=cwd ; \
USER=runasuser ; GROUP=runasgroup ; TSID=logid ; \
ENV=env_vars COMMAND=command
Where the fields are as follows:
date The date the command was run. Typically, this is in the format “MMM, DD, HH:MM:SS”. If logging
via syslog(3), the actual date format is controlled by the syslog daemon. If logging to a file
and the log_year option is enabled, the date will also include the year.
hostname The name of the host sudo was run on. This field is only present when logging via syslog(3).
progname The name of the program, usually sudo or sudoedit. This field is only present when logging via
syslog(3).
username The login name of the user who ran sudo.
ttyname The short name of the terminal (e.g. “console”, “tty01”, or “pts/0”) sudo was run on, or
“unknown” if there was no terminal present.
cwd The current working directory that sudo was run in.
runasuser The user the command was run as.
runasgroup The group the command was run as if one was specified on the command line.
logid An I/O log identifier that can be used to replay the command's output. This is only present when
the log_input or log_output option is enabled.
env_vars A list of environment variables specified on the command line, if specified.
command The actual command that was executed.
Cas exceptionnel : sudo lancé par root (# sudo).