2

I am having a very weird issue with my PATH variable. In particular, at some point /usr/lib/hardening-wrapper/bin is added and I would like it not to be.

The first thing I did was to check ~/.bashrc, ~/.bash_profile, /etc/profile, /etc/profile.d/*, and /etc/environment to see if any of them were setting it, but they were not.

Next I thought perhaps a stealthy script chain might be doing so, so I ran:

PS4='+$BASH_SOURCE> ' BASH_XTRACEFD=7 bash -xl 7>log

To see if it would shed some light. To my amazement, /usr/lib/hardening-wrapper/bin wasn't there. To see if this was replicable in a simpler environment, I just ran a naked bash from the prompt. However in this bash, PATH once again contains /usr/lib/hardening-wrapper/bin.

The scary thing is that the same path exists in my root user shell too; however, it doesn't happen if I don't run X. I thought it could have to do with the X configuration scripts, but none of them modified PATH. I also thought it could be in the configuration of my terminal (termite), but it doesn't do so either. Frankly, at this point, I'm at a loss.

Can anybody tell me how I can stop this path from being added to my PATH variable?

FOLLOWUP:

Overnight I ran a find . -type f -print0 | parallel --progress --null -L 100 -m -j 4 grep -I 'hardening-wrapper' to see what it would find. Overall it found the following matches:

  • .bash_history because I've been running a bunch of commands that include it
  • ./csassignments/ece454/thrift-0.10.0 contains my thrift installation for a course I took on distributed computation. In the 'tutorial_client' it sets and exports the PATH in 'relink_command'. I suspect this is because my PATH contained it when I installed thrift?
  • The source code of GNU binutils and GCC that I use to build cross compilers both contain logs that print PATH. Like above I suspect they just read what my path was.
  • A bunch of CMake projects I've built from source (llvm) seem to have also read my old PATH

As far as I can tell, none of those is being loaded automatically. And the only one that actually exports the path it modifies is the thrift tutorial client which I haven't touched since I took the course.

Improve this question
6
  • Are you sure /etc/profile.d/hardening-wrapper.sh doesn't exist? Commented Nov 16, 2017 at 6:19
  • 1
    Yep. I even ran grep -RnH "hardening" /etc/profile.d -- no results. Commented Nov 16, 2017 at 6:31
  • 1
    Are you running Arch Linux? Commented Nov 16, 2017 at 6:56
  • 1
    You didn't mention that you checked /etc/bash.bashrc. And what if you do bash --norc or bash --noprofile? Finally, you could do grep -r hardening /etc to find more traces. Commented Nov 16, 2017 at 7:09
  • Both bash --norc and bash --noprofile contain the hardening wrapper. grep -r hardening /etc actually returned 0 results. Commented Nov 16, 2017 at 14:08

1 Answer 1

Reset to default
1

The scary thing is that the same path exists in my root user shell too, however it doesn't happen if I don't run X. I thought it could have to do with the X configuration scripts, but none of them modified PATH.

Actually, you claim it only gets set when X is started, this "usually" means it is set by X somehow. Sadly, you do not say which desktop environment you use, but this is good, because it means that I have to come up with a generic answer.

You do not tell us which X configuration files you checked. The following set environment variables for gui applications:

/etc/X11/xinit/xinitrc ~/.xinitrc /etc/xprofile ~/.xprofile

Source: https://wiki.archlinux.org/index.php/environment_variables

Also have a look at https://wiki.archlinux.org/index.php/Xprofile

If all this does not help, it would be nice to know which GNU/Linux distribution you use with which desktop environment.

Improve this answer
1
  • Those are exactly the files I checked (though I lack the xprofiles). I am using Arch Linux with i3-gaps, no DE. Still none of them modified the environment variables. Commented Nov 16, 2017 at 14:05

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.