In Mountain Lion why do remote shells via ssh do NOT inherit the environment of the launchd parent process?
When logging in to my Mountain Lion Mac remotely via ssh
I do not get the same PATH
variable as when I open a shell locally: The local shell inherits its environment as expected from launchd
and therefore has the PATH value I set in /etc/launchd.conf
.
With the remote shell I hit a surprise: When I open a shell via ssh
it does not inherit the environment variables set in /etc/launchd.conf
although the related ssh
processes all have launchd
as their parents. Why???
A cut from a ps -ef
output shows:
UID PID PPID C STIME TTY TIME CMD
0 1 0 0 Mon01PM ?? 9:07.07 /sbin/launchd
.
.
.
501 150 1 0 Mon01PM ?? 0:17.99 /sbin/launchd
.
.
.
501 39994 150 0 Thu11AM ?? 0:00.72 /usr/bin/ssh-agent -l
.
.
.
0 74002 1 0 2:08PM ?? 0:00.05 /usr/sbin/sshd -i
501 74005 74002 0 2:08PM ?? 0:00.00 /usr/sbin/sshd -i
501 74000 9844 0 2:08PM ttys000 0:00.02 ssh [email protected]
I can fix the issue by setting PATH
e.g. in .bashrc
, but I'm in search for a way to give the same PATH
to all applications launched under Mountain Lion (see In Mountain Lion how do I set the PATH environment variable...).
So my question is: Why do remote shells via ssh do not inherit the launchd environment?
I've looked for an answer too and eventually found a related answer to this question, How to set system-wide environment variables on OS X Mavericks.
It is a security measure, particularly to ensure secure shell users with a disabled shell, where SHELL
is set to /bin/false
, cannot gain unsolicited access.
One workaround is settting PermitUserEnvironment
in your ssh config; please read security caveats in above mentioned answer before doing this.