2

I have installed jdk but when I tried to use the java command it said "command not found".

So I then set the environment variable for my account in .bashrc and it works okay.

export JAVA_HOME=/usr/java/jdk1.7.0_03
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/l\
ib/tools.jar
export PATH=$PATH:$JAVA_HOME/bin

However when I try to use sudo to execute java it says that again. So I used sudo -s to switch to root, put those into /etc/profile, and executed source /etc/profile

This works if I keep logged in as root but after I return to my own account and use sudo java it still says sudo: java: command not found and those environment variables become blank.

What should I do to solve the problem? I guess it should be easy to solve.

NSF
  • 2,499
  • 6
  • 31
  • 55
  • 1
    Why are you using `sudo` to run Java under your own account? You don't need it; just run `java` directly. – Ken White Sep 06 '12 at 22:22
  • 1
    @KenWhite Well it's just a test. The crux is that the root account cannot preserve the envs – NSF Sep 06 '12 at 22:34

5 Answers5

5

Some distros, by default, reset your environment variables to ensure programs executed under root run as expected. Any environment variable not specified in a whitelist is not carried into your root session.

The instruction to reset to environment as well as what variables to allow is defined in /etc/sudoers. (You need permissions to view/edit this).

For example, on my Fedora 16 box, I have

Defaults    env_reset
Defaults    env_keep =  "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS"
Defaults    env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
Defaults    env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
Defaults    env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
Defaults    env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"

Note that XAUTHORITY isn't there by default, I had to add it.

If you want your JAVA_HOME envvar to carry over, you could add it here. However, for this to be all you need to do, you'd need to add PATH to this list and that is really discouraged.

So also in this file is a line like the following:

Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin

This will be your $PATH inside your sudo session. Just ensure that you have a symlink to the java executable you want to use in one of those folders, and you'll be fine.

(Since you are getting the "command not found message", there are no java executables on your secure path, but if there were, you'd need to either remove it, or place your new symlink "higher" (earlier) in the path)

Alternative 1

Add an alias to java (eg alias java='/usr/java/latest/bin/java') inside a file like /etc/bashrc

Alternative 2

Add an alias to java in your local profile or bashrc files and an alias to sudo that will preserve your aliases.

jedwards
  • 29,432
  • 3
  • 65
  • 92
  • Well I added "JAVA_HOME" to env_keep and it works. Not sure if it's the correct way to solve the problem or just because of luck. Correct me if it harms security. – NSF Sep 07 '12 at 03:46
  • The extent to which it affects security is pretty small. You've opened yourself up to a malicious program/user changing that env. var. on your user account to point to a different malicious java install that, when run via sudo, gives root privileges to the malicious java, not the expected java. I'd feel comfortable doing what you did without worrying about a huge security vulnerability. Happy it helped. – jedwards Sep 07 '12 at 18:00
2

man sudo will give you the answer:

  -E   The -E (preserve environment) option indicates to the security policy that the user wishes
       to preserve their existing environment variables.  The security policy may return an error 
       if the -E option is specified and the user does not have permission to preserve the environment.
jdevelop
  • 12,176
  • 10
  • 56
  • 112
  • 2
    sudo -E java -version still gives sudo: java: command not found. I guess I'm not using it correctly? – NSF Sep 06 '12 at 22:35
  • Also switching to root using sudo -s and echo $JAVA_HOME still gives blank – NSF Sep 06 '12 at 22:37
0

You probably want to use something like update-alternatives (not sure if this is available on all distros).

It creates and manages symlinks in /usr/bin (ie. executables available to all).

Example usage: sudo update-alternatives --install java java /path/to/java/home/bin/java

I think java can then extract the location of JAVA_HOME based on it's executable location.

Dunes
  • 37,291
  • 7
  • 81
  • 97
0

Check the permission on the jdk folder, make sure it's rwx.

johnnyRose
  • 7,310
  • 17
  • 40
  • 61
prtm
  • 1
0

I solved the problem by

vi /etc/sudoers

and then put $JAVA_HOME/bin in

Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:$JAVA_HOME/bin"
lyuboe
  • 151
  • 1
  • 6