GNU bug report logs -
#36583
26.1; emacs 26 tries loading original user's .emacs after su to root
Previous Next
To reply to this bug, email your comments to 36583 AT debbugs.gnu.org.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Wed, 10 Jul 2019 20:24:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Steinar Bang <sb <at> dod.no>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Wed, 10 Jul 2019 20:24:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
debian 10 "buster", amd64
GNU Emacs 26.1 (build 2, x86_64-pc-linux-gnu, GTK+ Version 3.24.4) of 2019-02-03, modified by Debian
- I did /bin/su from my own user to root
- When I started emacs I got the following error message:
Warning (initialization): An error occurred while loading ‘/home/sb/.emacs’:
File is missing: Cannot open load file, No such file or directory, editorconfig
To ensure normal operation, you should investigate and remove the
cause of the error in your initialization file. Start Emacs with
the ‘--debug-init’ option to view a complete error backtrace.
- Ie. emacs tried to load the original user's .emacs and fails (and the
configuration of the editor is kind of broken)
Results of HOME and id after su:
root <at> cadalora:~# env | grep HOME
HOME=/root
root <at> cadalora:~# id
uid=0(root) gid=0(root) groups=0(root)
root <at> cadalora:~#
- When I do "/bin/su - root" then emacs reports no error messages on
startup
Results of HOME and id looks the same:
root <at> cadalora:~# env | grep HOME
HOME=/root
root <at> cadalora:~# id
uid=0(root) gid=0(root) groups=0(root)
root <at> cadalora:~#
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Wed, 10 Jul 2019 20:51:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 36583 <at> debbugs.gnu.org (full text, mbox):
This is explicitly documented in the manual.
"How Emacs Finds Your Init File".
Added tag(s) wontfix and notabug.
Request was from
Glenn Morris <rgm <at> gnu.org>
to
control <at> debbugs.gnu.org.
(Wed, 10 Jul 2019 20:53:02 GMT)
Full text and
rfc822 format available.
bug closed, send any further explanations to
36583 <at> debbugs.gnu.org and Steinar Bang <sb <at> dod.no>
Request was from
Glenn Morris <rgm <at> gnu.org>
to
control <at> debbugs.gnu.org.
(Wed, 10 Jul 2019 20:53:02 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Thu, 11 Jul 2019 22:59:01 GMT)
Full text and
rfc822 format available.
Message #15 received at 36583 <at> debbugs.gnu.org (full text, mbox):
> This is explicitly documented in the manual.
> "How Emacs Finds Your Init File".
FWIW, I find this behavior very surprising (and dangerous).
Apparently you can circumvent it by setting LOGNAME to "root".
I can't find the place in code which distinguishes this case from the
case where the user doesn't `su` but instead sets his $HOME to some
other place, such as:
HOME=/home/monnier/tmp/home emacs
BTW, thinking about "dangerous" above, I guess the behavior might make
sense when you're `su`ing *from* root rather than the other way around.
Stefan
Did not alter fixed versions and reopened.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Thu, 11 Jul 2019 23:03:03 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Thu, 11 Jul 2019 23:18:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 36583 <at> debbugs.gnu.org (full text, mbox):
Stefan Monnier <monnier <at> iro.umontreal.ca> writes:
> FWIW, I find this behavior very surprising (and dangerous).
Yes, me too. I can't think of any other program that behaves in this
manner.
> BTW, thinking about "dangerous" above, I guess the behavior might make
> sense when you're `su`ing *from* root rather than the other way around.
By default, /root on many systems isn't readable by anybody but root, so
I don't think it makes much sense in any situation...
I think Emacs shouldn't do this at all. When was this introduced, and
what was the reasoning behind it?
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Fri, 12 Jul 2019 00:40:01 GMT)
Full text and
rfc822 format available.
Message #23 received at 36583 <at> debbugs.gnu.org (full text, mbox):
>> BTW, thinking about "dangerous" above, I guess the behavior might make
>> sense when you're `su`ing *from* root rather than the other way around.
> By default, /root on many systems isn't readable by anybody but root, so
> I don't think it makes much sense in any situation...
Good point.
> I think Emacs shouldn't do this at all. When was this introduced, and
> what was the reasoning behind it?
The Texinfo says:
[...]
@xref{Entering Emacs,,, emacs, The GNU Emacs Manual}. If neither
option is specified, Emacs uses the @env{LOGNAME} environment
variable, or the @env{USER} (most systems) or @env{USERNAME} (MS
systems) variable, to find your home directory and thus your init
file; this way, even if you have su'd, Emacs still loads your own init
file. If those environment variables are absent, though, Emacs uses
your user-id to find your home directory.
and it's at least as old as 2007 probably long before.
I still haven't found the corresponding code, so I can't confirm
the origin.
[...hhhmmm...] Ha! Found it!
commit a726e0d12ccb1c49ca1f3e1fbe64addea9b7d3b4
Author: Jim Blandy <jimb <at> redhat.com>
Date: Thu Jul 11 23:17:40 1991 +0000
Initial revision
diff --git a/lisp/startup.el b/lisp/startup.el
--- /dev/null
+++ b/lisp/startup.el
@@ -0,0 +160,6 @@
+ ;; Figure out which user's init file to load,
+ ;; either from the environment or from the options.
+ (setq init-file-user (if noninteractive nil (user-login-name)))
+ ;; If user has not done su, use current $HOME to find .emacs.
+ (and init-file-user (string= init-file-user (user-real-login-name))
+ (setq init-file-user ""))
So yes, goes back pretty far.
Stefan
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Fri, 12 Jul 2019 06:39:01 GMT)
Full text and
rfc822 format available.
Message #26 received at 36583 <at> debbugs.gnu.org (full text, mbox):
> From: Stefan Monnier <monnier <at> iro.umontreal.ca>
> Date: Thu, 11 Jul 2019 18:58:40 -0400
> Cc: Steinar Bang <sb <at> dod.no>, 36583 <at> debbugs.gnu.org
>
> > This is explicitly documented in the manual.
> > "How Emacs Finds Your Init File".
>
> FWIW, I find this behavior very surprising (and dangerous).
Why is it dangerous?
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Fri, 12 Jul 2019 14:35:02 GMT)
Full text and
rfc822 format available.
Message #29 received at 36583 <at> debbugs.gnu.org (full text, mbox):
Stefan Monnier <monnier <at> iro.umontreal.ca> writes:
> [...hhhmmm...] Ha! Found it!
>
> commit a726e0d12ccb1c49ca1f3e1fbe64addea9b7d3b4
> Author: Jim Blandy <jimb <at> redhat.com>
> Date: Thu Jul 11 23:17:40 1991 +0000
>
> Initial revision
>
> diff --git a/lisp/startup.el b/lisp/startup.el
> --- /dev/null
> +++ b/lisp/startup.el
> @@ -0,0 +160,6 @@
> + ;; Figure out which user's init file to load,
> + ;; either from the environment or from the options.
> + (setq init-file-user (if noninteractive nil (user-login-name)))
> + ;; If user has not done su, use current $HOME to find .emacs.
> + (and init-file-user (string= init-file-user (user-real-login-name))
> + (setq init-file-user ""))
>
> So yes, goes back pretty far.
Oh, wow. :-)
There was a similar bug report for "sudo" the other week where the
conclusion was "well, just use -i" (because then $HOME would be set
correctly). Does this mean that su and sudo behaves differently in
Emacs in this area? Let's see...
sudo -i:
root <at> sandy:~# echo $HOME
/root
(user-real-login-name)
"root"
sudo bash:
root <at> sandy:~# echo $HOME
/home/larsi
(user-real-login-name)
"root"
[larsi <at> stories ~]$ su
Password:
root <at> stories:/home/larsi# echo $HOME
/root
(user-real-login-name)
"root"
Uhm...
So when I su on this machine, I'm not getting /home/larsi/.emacs?
This is kinda confusing.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Fri, 12 Jul 2019 14:47:01 GMT)
Full text and
rfc822 format available.
Message #32 received at 36583 <at> debbugs.gnu.org (full text, mbox):
>> > This is explicitly documented in the manual.
>> > "How Emacs Finds Your Init File".
>> FWIW, I find this behavior very surprising (and dangerous).
> Why is it dangerous?
Because it'll run with full admin privileges the user's ~/.emacs which
was likely not written under the assumption that you have to be very
careful not to mess up the whole system.
Stefan
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Fri, 12 Jul 2019 14:55:02 GMT)
Full text and
rfc822 format available.
Message #35 received at 36583 <at> debbugs.gnu.org (full text, mbox):
> From: Stefan Monnier <monnier <at> iro.umontreal.ca>
> Cc: rgm <at> gnu.org, sb <at> dod.no, 36583 <at> debbugs.gnu.org
> Date: Fri, 12 Jul 2019 10:46:13 -0400
>
> >> > This is explicitly documented in the manual.
> >> > "How Emacs Finds Your Init File".
> >> FWIW, I find this behavior very surprising (and dangerous).
> > Why is it dangerous?
>
> Because it'll run with full admin privileges the user's ~/.emacs which
> was likely not written under the assumption that you have to be very
> careful not to mess up the whole system.
Isn't that what 'su' is supposed to allow?
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Fri, 12 Jul 2019 15:01:01 GMT)
Full text and
rfc822 format available.
Message #38 received at 36583 <at> debbugs.gnu.org (full text, mbox):
Eli Zaretskii <eliz <at> gnu.org> writes:
>> Because it'll run with full admin privileges the user's ~/.emacs which
>> was likely not written under the assumption that you have to be very
>> careful not to mess up the whole system.
>
> Isn't that what 'su' is supposed to allow?
Under su you can run any command -- that's true.
But it's unexpected to have a program run this code as root. At least,
it's not what I would expect, and I have not written the code in
/home/larsi/.emacs under the assumption that is has to be safe for root
to run.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Fri, 12 Jul 2019 23:40:02 GMT)
Full text and
rfc822 format available.
Message #41 received at 36583 <at> debbugs.gnu.org (full text, mbox):
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
I think I asked for this feature so that when I run Emacs as root I
will get the commands I am accustomed to.
--
Dr Richard Stallman
President, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Sat, 13 Jul 2019 09:22:02 GMT)
Full text and
rfc822 format available.
Message #44 received at 36583 <at> debbugs.gnu.org (full text, mbox):
On Jul 12 2019, Richard Stallman <rms <at> gnu.org> wrote:
> I think I asked for this feature so that when I run Emacs as root I
> will get the commands I am accustomed to.
Nowadays this is perhaps obsoleted by Tramp.
Andreas.
--
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1
"And now for something completely different."
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Sat, 13 Jul 2019 09:35:02 GMT)
Full text and
rfc822 format available.
Message #47 received at 36583 <at> debbugs.gnu.org (full text, mbox):
Andreas Schwab <schwab <at> linux-m68k.org> writes:
> On Jul 12 2019, Richard Stallman <rms <at> gnu.org> wrote:
>
> > I think I asked for this feature so that when I run Emacs as root I
> > will get the commands I am accustomed to.
>
> Nowadays this is perhaps obsoleted by Tramp.
Tramp covers this use case for me at least.
FWIW, I think we should remove this feature. It has always surprised me since
it's so different from how other programs on GNU/Linux usually behaves.
Would it be a good idea to also add something to the FAQ or Manual on the
recommended way to edit files as root (which perhaps should be: use Tramp)?
Thanks,
Stefan Kangas
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Sat, 13 Jul 2019 13:11:03 GMT)
Full text and
rfc822 format available.
Message #50 received at 36583 <at> debbugs.gnu.org (full text, mbox):
> I think I asked for this feature so that when I run Emacs as root I
> will get the commands I am accustomed to.
I can see why you'd like that, but I think this should be the result of
an explicit choice rather than the default behavior.
Stefan
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Sat, 13 Jul 2019 23:03:02 GMT)
Full text and
rfc822 format available.
Message #53 received at 36583 <at> debbugs.gnu.org (full text, mbox):
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> > I think I asked for this feature so that when I run Emacs as root I
> > will get the commands I am accustomed to.
> Nowadays this is perhaps obsoleted by Tramp.
Sorry, I don't follow you. I don't see how there is any relationship
between this .emacs veature and Tramp.
--
Dr Richard Stallman
President, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Sat, 13 Jul 2019 23:06:02 GMT)
Full text and
rfc822 format available.
Message #56 received at 36583 <at> debbugs.gnu.org (full text, mbox):
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> I can see why you'd like that, but I think this should be the result of
> an explicit choice rather than the default behavior.
How do you suggest a user indicate that choice?
--
Dr Richard Stallman
President, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Sat, 13 Jul 2019 23:18:01 GMT)
Full text and
rfc822 format available.
Message #59 received at 36583 <at> debbugs.gnu.org (full text, mbox):
On Jul 13 2019, Richard Stallman <rms <at> gnu.org> wrote:
> Sorry, I don't follow you. I don't see how there is any relationship
> between this .emacs veature and Tramp.
Tramp implements su in emacs.
Andreas.
--
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1
"And now for something completely different."
Forcibly Merged 36583 36604.
Request was from
Glenn Morris <rgm <at> gnu.org>
to
control <at> debbugs.gnu.org.
(Sun, 14 Jul 2019 01:29:01 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Mon, 15 Jul 2019 12:50:01 GMT)
Full text and
rfc822 format available.
Message #64 received at 36583 <at> debbugs.gnu.org (full text, mbox):
> > I can see why you'd like that, but I think this should be the result of
> > an explicit choice rather than the default behavior.
>
> How do you suggest a user indicate that choice?
Don't know. How 'bout let the /root/.emacs file do something like:
(load (concat "~" (user-login-name) "/.emacs"))
?
For convenience, we could provide an ad-hoc function that would do that
"right" (i.e. looking for .emacs, .emacs.d/init.el, and things like
that). We could even put it in /root/.emacs.d/early-init.el.
Stefan
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Mon, 15 Jul 2019 13:06:02 GMT)
Full text and
rfc822 format available.
Message #67 received at 36583 <at> debbugs.gnu.org (full text, mbox):
Stefan Monnier <monnier <at> iro.umontreal.ca> writes:
> How 'bout let the /root/.emacs file do something like:
>
> (load (concat "~" (user-login-name) "/.emacs"))
>
> ?
> For convenience, we could provide an ad-hoc function that would do that
> "right" (i.e. looking for .emacs, .emacs.d/init.el, and things like
> that). We could even put it in /root/.emacs.d/early-init.el.
Wouldn't it be simpler to do this in the shell, e.g.,
cat >>/root/.bashrc <<'EOF'
alias emacs='emacs -u "$LOGNAME"'
EOF
although I would personally suggest
cat >>/root/.bashrc <<'EOF'
alias emacs='echo Do not run emacs as root'
EOF
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Mon, 15 Jul 2019 14:43:01 GMT)
Full text and
rfc822 format available.
Message #70 received at 36583 <at> debbugs.gnu.org (full text, mbox):
> Wouldn't it be simpler to do this in the shell, e.g.,
>
> cat >>/root/.bashrc <<'EOF'
> alias emacs='emacs -u "$LOGNAME"'
> EOF
>
> although I would personally suggest
>
> cat >>/root/.bashrc <<'EOF'
> alias emacs='echo Do not run emacs as root'
> EOF
Yes, there are various ways to skin this cat.
Stefan
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Tue, 23 Jul 2019 13:54:01 GMT)
Full text and
rfc822 format available.
Message #73 received at 36583 <at> debbugs.gnu.org (full text, mbox):
>>>>> Richard Stallman <rms <at> gnu.org>:
> I think I asked for this feature so that when I run Emacs as root I
> will get the commands I am accustomed to.
FWIW What broke things for me, was that it reads the .emacs file from
/home/sb directory, but it doesn't read /home/sb/.emacs.d/elpa/ and
therefore doesn't find the packages my .emacs refers to, so that startup
breaks in the middle of the setup and nothing works as expected.
If it had used my regular config fully, I never would have noticed.
The root user has a functional .emacs, but a much slimmer one. I've
basically customized away the behaviour I dislike. Either .emacs
(ie. /home/sb/.emacs or /root/.emacs) would have worked for me if they
could have run without failing.
(PS sorry for coming late to the discussion I originated. My incoming email
broke as a result of an openssl change in a debian version upgrade and I
haven't received email since July 11 until today, and didn't receive the
initial debbug response. And sorry if I came through as rude on emacs-help)
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Tue, 23 Jul 2019 14:31:02 GMT)
Full text and
rfc822 format available.
Message #76 received at 36583 <at> debbugs.gnu.org (full text, mbox):
> FWIW What broke things for me, was that it reads the .emacs file from
> /home/sb directory, but it doesn't read /home/sb/.emacs.d/elpa/ and
> therefore doesn't find the packages my .emacs refers to, so that startup
> breaks in the middle of the setup and nothing works as expected.
Indeed, as a first-approximation, it uses "~$LOGNAME/.emacs" but "$HOME/.emacs.d/elpa/".
In many circumstances "~$LOGNAME/" is the same as "$HOME/", and in yet
other circumstances Emacs uses "$HOME/.emacs" (which I find very handy)
rather than "~$LOGNAME/.emacs".
I'd rather we drop this special case of using "~$LOGNAME/.emacs" when we
decide that we're in "su". I know it's long standing behavior, but
there are many other ways for the user to get the same result, so
I think we can get rid of this dangerous quirk.
Stefan
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36583; Package
emacs.
(Sun, 04 Aug 2019 10:58:02 GMT)
Full text and
rfc822 format available.
Message #79 received at 36583 <at> debbugs.gnu.org (full text, mbox):
Another breakage discovered today: it's impossible to do X forwarding
with an unbroken emacs configuration.
If you do:
- ssh -Y someserver
- /bin/su - root
then the DISPLAY variable set by "ssh -Y" is lost and it's impossible to
do X forwarding.
Doing just "/bin/su" (which I used to do before the last debian upgrade)
gives me a broken emacs configuration (because ~sb/.emacs is used but
ELPA packages under ~sb/.emacs.d/ are not used).
(And as Lars has pointed out elsewhere in this thread: the emacs
configuration of root should be tighter and more security conscious than
the configuration of a regular user. So just including the .emacs.d/ of
the original user may not be the appropriate fix)
Removed tag(s) wontfix.
Request was from
Lars Ingebrigtsen <larsi <at> gnus.org>
to
control <at> debbugs.gnu.org.
(Thu, 03 Oct 2019 17:37:01 GMT)
Full text and
rfc822 format available.
Forcibly Merged 19477 36583 36604.
Request was from
Lars Ingebrigtsen <larsi <at> gnus.org>
to
control <at> debbugs.gnu.org.
(Tue, 25 Jan 2022 13:41:01 GMT)
Full text and
rfc822 format available.
Removed tag(s) notabug.
Request was from
Stefan Kangas <stefankangas <at> gmail.com>
to
control <at> debbugs.gnu.org.
(Tue, 11 Feb 2025 07:25:02 GMT)
Full text and
rfc822 format available.
This bug report was last modified 123 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.