On Fri, Mar 26, 2010 at 04:01:53PM +0100, Rémi PALANCHER wrote: > I'm using Debian Lenny with , and currently I have : > I would like to add /myowndir to the $PATH for remote command > execution, as well as for remote login shells. One way is to put the PATH=... command in ~/.ssh/environment and then make sure PermitUserEnvironment is set to yes in the sshd_config. > As far I've investigated, $PATH is fixed by /etc/profile for interactive > connection. But unfortunately, for remote command execution, this script > is not executed. That's correct. > I would like to add this dir to $PATH for all users except the famous > one with uid 0. So, I guess I can't use those basics key/value files > such as /etc/environment That's a Debianism, or at least a Linuxism. It's a configuration file that's read by PAM (when readenv=1 appears in the matching PAM config file entry). You -could- use that, in theory, but it's not a shell script. So you can't do things like PATH=$PATH:/myowndir but rather, you have to type out the entire PATH=/foo:/bar:/myowndir value. It's pretty bad. (I once wanted to use it to set MAIL=$HOME/Maildir/ globally, but you simply can't do that with it. I gave up. It's nigh useless.) > or ~/.ssh/environment. This is the appropriate place, as far as I can tell. > Is there any simple way to deal with such constraints in OpenSSH? > Intuitively, I was thinking of well-thought combination of 'UsePAM yes' > and modules in /etc/pam.d/sshd? Debian's sshd_config has "UsePAM yes" by default. So, if you do decide to go with the /etc/environment thing, it ought to work, as far as I know.
