使用sudo时如何保留环境变量

本文翻译自：How to keep environment variables when using sudo

When I use any command with sudo the environment variables are not there. 当我对sudo使用任何命令时，环境变量不存在。 For example after setting HTTP_PROXY the command wget works fine without sudo . 例如，在设置HTTP_PROXY之后，命令wget无需sudo正常工作。 However if I type sudo wget it says it can't bypass the proxy setting. 但是，如果我输入sudo wget它说它不能绕过代理设置。

---

#1楼

参考：https://stackoom.com/question/aDxN/使用sudo时如何保留环境变量

---

#2楼

You can also combine the two env_keep statements in Ahmed Aswani's answer into a single statement like this: 您还可以将Ahmed Aswani的答案中的两个env_keep语句合并为一个语句，如下所示：

Defaults env_keep += "http_proxy https_proxy"

You should also consider specifying env_keep for only a single command like this: 您还应该考虑只为单个命令指定env_keep ，如下所示：

Defaults!/bin/[your_command] env_keep += "http_proxy https_proxy"

---

#3楼

对于要一次性使用的单个变量，可以使其成为命令的一部分。

sudo http_proxy=$http_proxy wget "http://stackoverflow.com"

---

#4楼

If you have the need to keep the environment variables in a script you can put your command in a here document like this. 如果需要将环境变量保存在脚本中，可以将命令放在此处的此处文档中。 Especially if you have lots of variables to set things look tidy this way. 尤其是如果您有很多变量来设置内容时，看起来会很整洁。

# prepare a script e.g. for running maven
runmaven=/tmp/runmaven$$
# create the script with a here document 
cat << EOF > $runmaven
#!/bin/bash
# run the maven clean with environment variables set
export ANT_HOME=/usr/share/ant
export MAKEFLAGS=-j4
mvn clean install
EOF
# make the script executable
chmod +x $runmaven
# run it
sudo $runmaven
# remove it or comment out to keep
rm $runmaven

---

#5楼

A simple wrapper function (or in-line for loop) 一个简单的包装函数（或内联for循环）

I came up with a unique solution because: 我提出了一个独特的解决方案，因为：

• sudo -E "$@" was leaking variables that was causing problems for my command sudo -E "$@"泄漏了导致我的命令出现问题的变量
• sudo VAR1="$VAR1" ... VAR42="$VAR42" "$@" was long and ugly in my case sudo VAR1="$VAR1" ... VAR42="$VAR42" "$@"在我的情况下又长又丑

demo.sh 演示

#!/bin/bash

function sudo_exports(){
    eval sudo $(for x in $_EXPORTS; do printf '%q=%q ' "$x" "${!x}"; done;) "$@"
}

# create a test script to call as sudo
echo 'echo Forty-Two is $VAR42' > sudo_test.sh
chmod +x sudo_test.sh

export VAR42="The Answer to the Ultimate Question of Life, The Universe, and Everything."

export _EXPORTS="_EXPORTS VAR1 VAR2 VAR3 VAR4 VAR5 VAR6 VAR7 VAR8 VAR9 VAR10 VAR11 VAR12 VAR13 VAR14 VAR15 VAR16 VAR17 VAR18 VAR19 VAR20 VAR21 VAR22 VAR23 VAR24 VAR25 VAR26 VAR27 VAR28 VAR29 VAR30 VAR31 VAR32 VAR33 VAR34 VAR35 VAR36 VAR37 VAR38 VAR39 VAR40 VAR41 VAR42"

# clean function style
sudo_exports ./sudo_test.sh

# or just use the content of the function
eval sudo $(for x in $_EXPORTS; do printf '%q=%q ' "$x" "${!x}"; done;) ./sudo_test.sh

Result 结果

$ ./demo.sh
Forty-Two is The Answer to the Ultimate Question of Life, The Universe, and Everything.
Forty-Two is The Answer to the Ultimate Question of Life, The Universe, and Everything.

How? 怎么样？

This is made possible by a feature of the bash builtin printf . 这是通过bash内置的printf的功能实现的。 The %q produces a shell quoted string. %q产生一个用外壳引号引起来的字符串。 Unlike the parameter expansion in bash 4.4 , this works in bash versions < 4.0 与bash 4.4中的参数扩展不同，它在bash版本<4.0中有效

---

#6楼

First you need to export HTTP_PROXY . 首先，您需要export HTTP_PROXY 。 Second, you need to read man sudo carefully, and pay attention to the -E flag. 其次，您需要仔细阅读man sudo ，并注意-E标志。 This works: 这有效：

$ export HTTP_PROXY=foof
$ sudo -E bash -c 'echo $HTTP_PROXY'

Here is the quote from the man page: 这是手册页中的报价：

-E, --preserve-env
             Indicates to the security policy that the user wishes to preserve their
             existing environment variables.  The security policy may return an error
             if the user does not have permission to preserve the environment.