71

What are correct places for:

  1. Global environment variables meant to affect all users?
  2. User-specific environment variables?
Knowledge Cube
  • 14,911
Ivan
  • 58,745

4 Answers4

89

To add to sagarchalise's answer, I can summarize what the link suggests as appropriate places for settings.

For global settings, system-wide environment variables

  • Use /etc/environment
  • Don't use /etc/profile or /etc/bash.bashrc

From the page:

/etc/environment [...] is specifically meant for system-wide environment variable settings. It is not a script file, but rather consists of assignment expressions, one per line. Specifically, this file stores the system-wide locale and path settings.

Using /etc/profile is a very Unix-y way to go, but its functionality is greatly reduced under Ubuntu. It exists only to point to /etc/bash.bashrc and to collect entries from /etc/profile.d.

On my system, the only interesting entry entry in profile.d is /etc/profile.d/bash_completion.sh.

For local or per-user settings

The Ubuntu page recommends ~/.pam_environment, which is loaded by the PAM system when your session is started (TTY, GUI, SSH, etc.). It is the user-equivalent of /etc/environment and uses the same syntax. The link suggests alternatives if that doesn't work:

  • ~/.profile for most shells. This file may also be applied to your GUI session by the display manager, but this need not be the case for all display managers or display servers (X11 vs Wayland) or sessions.

And bash-specific:

  • ~/.bash_profile or ~./bash_login - If one of these exists, bash executes it instead of ~/.profile when bash is started as a login shell. Bash will prefer ~/.bash_profile to ~/.bash_login. [...] These files won't influence a graphical session by default."
  • ~/.bashrc - "... may be the easiest place to set variables".
muru
  • 207,228
belacqua
  • 23,540
18

I think the community wiki page on environment variables will help you sort out

wjandrea
  • 14,504
sagarchalise
  • 24,306
7

You've got:

/etc/profile: system-wide .profile file for the Bourne shell (sh(1)) and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).

which in Lucid and Maverick run

/etc/profile.d/*.sh

if present, and if the user's shell is bash:

/etc/bash.bashrc

For user environment, there is a confusing array specific to the shell and whether it is considered a "login shell". If the shell is bash:

   ~/.bash_profile
          The personal initialization file, executed for login shells
   ~/.bashrc
          The individual per-interactive-shell startup file

for sh/dash:

$HOME/.profile

for zsh, I'm not even going to try to make sense of this.

msw
  • 4,696
5

As recommended on https://help.ubuntu.com/community/EnvironmentVariables:

  1. Global environment variables meant to affect all users should go in /etc/environment.

  2. User-specific environment variables should be set in ~/.pam_environment.

Avoid the profile and rc files for setting environment variables on Ubuntu. They have caused me more headaches than they are worth.

This is easier said than done however ;)

It is possible that you may run into the same configuration gap that existed for me. See the workaround for encrypted home below.

My ~/.pam_environment:

PATH            DEFAULT=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:${HOME}/bin
IDEA_JDK        DEFAULT=${HOME}/Applications/jdk

Why the ugly static path? ${PATH} would not work for me. I bricked my login several times trying to work around it so I am sticking with the ugly static copy of the defaults :)

Workaround for Encrypted Home Folders

In Ubuntu releases up to and including Precise 12.04 Beta 2, if you are using an encrypted home directory you will need to modify /etc/pam.d/common-session to get it to load ~/.pam_environment. This solution apparently works for earlier releases, but I have not tested it.

Guenther Montag (g-montag) wrote on 2010-08-19:

This seems to be an issue with encrypted home directories. I added

session required pam_env.so

at the end of /etc/pam.d/common-session and now ~/.pam_environment gets read. On another system without encrypted home directories (also 10.04) the work around is not needed. Perhaps in my case the system tries to read ~/.pam_environment before it is decrypted.

Adapted from my answer on Super User: https://superuser.com/a/408373/66856

Community
  • 1
Alain O'Dea
  • 541