Skip to content

Ensure connected SSHD session inherits PATH from parent process.#673

Open
rgrunber wants to merge 1 commit intoche-incubator:mainfrom
rgrunber:inherit-path
Open

Ensure connected SSHD session inherits PATH from parent process.#673
rgrunber wants to merge 1 commit intoche-incubator:mainfrom
rgrunber:inherit-path

Conversation

@rgrunber
Copy link
Collaborator

@rgrunber rgrunber commented Mar 23, 2026
edited by coderabbitai bot
Loading

What issues does this PR fix?

  1. Create a DevWorkspace using the "Visual Studio Code (Desktop) (SSH) editor, and an empty workspace.
  2. From the web terminal for the UDI image : echo $PATH | tr ':' '\n' and you'll see /home/tooling/go/bin present.
  3. Now connect to that same workspace over SSH and perform the same command from (2). You won't find /home/tooling/go/bin on the path.

The problem is the first line at

che-code/build/scripts/sshd.start

Line 68 in cf1d448

echo 'export PATH=$PATH:$HOME/bin' >> $HOME/.profile

The single quotes mean the PATH references on the right-hand-side is never expanded and at runtime it's too late. We even avoid injecting it at

che-code/build/scripts/sshd.start

Lines 69 to 71 in cf1d448

# Set up environment variables injected into PID 1 (.profile & .bashrc)
env | grep -v 'PATH=' | sed 's|^|export |' >> $HOME/.profile
because we just modified it above.

This PR should fix this so that it inherits the PATH from the parent, but also includes the $HOME/bin location where the additional scripts needed for the SSHD setup are present.

  • I have not tested this thoroughly at all but seems to fix the issue.

Summary by CodeRabbit

  • Chores
    • Refined environment variable initialization logic to ensure consistent PATH configuration during application startup.

@rgrunber
Ensure connected SSHD session inherits PATH from parent process.
c040b26 
Signed-off-by: Roland Grunberg <rgrunber@redhat.com>
@github-actions
Copy link

github-actions bot commented Mar 23, 2026
edited
Loading

Click here to review and test in web IDE: Contribute

@coderabbitai
Copy link

coderabbitai bot commented Mar 23, 2026
edited
Loading

📝 Walkthrough

Walkthrough

The sshd startup script's environment variable injection logic was modified to export all environment variables from PID 1 and then explicitly append a PATH augmentation line, rather than filtering out PATH variables during the initial export phase.

Changes

Cohort / File(s) Summary
Environment Variable Injection
build/scripts/sshd.start		 Changed from excluding PATH variables via grep filter during env export to exporting all variables followed by explicit export PATH=$PATH:$HOME/bin appended to .profile.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

  • azatsarynnyy
  • vitaliy-guliy
  • RomanNikitenko

Poem

🐰 The PATH now flows so clear and bright,
All variables exported, set just right,
Then home and bin join in the dance,
With every shell, a second chance! 🌿

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately reflects the main change: ensuring SSH sessions inherit the parent process PATH, which is the primary objective and central change of this PR.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Mar 23, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
build/scripts/sshd.start (1)

70-72: Make shell init file generation idempotent.

Using >> on Line 70 and Line 72 appends duplicate exports on each restart when $HOME is persistent. Prefer rewriting the generated block each run (or guarding with markers) to avoid unbounded growth and repeated PATH entries.

♻️ Example refactor 
-env | sed 's|^|export |' >> $HOME/.profile
-echo 'export PATH=$PATH:$HOME/bin' >> $HOME/.profile
-cat $HOME/.profile >> $HOME/.bashrc
+{
+  env | sed 's|^|export |'
+  echo 'export PATH=$PATH:$HOME/bin'
+} > "$HOME/.profile"
+cat "$HOME/.profile" > "$HOME/.bashrc"
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@build/scripts/sshd.start` around lines 70 - 72, The script currently appends
environment exports and PATH lines unconditionally using the lines containing
"env | sed 's|^|export |' >> $HOME/.profile" and "echo 'export
PATH=$PATH:$HOME/bin' >> $HOME/.profile" which causes duplicate entries on each
restart; change this to an idempotent update by writing a marked block to
$HOME/.profile (or removing any existing marker-delimited block first) and then
appending the single block (including the exported env lines and PATH update)
once, and ensure you update .bashrc only once by replacing the "cat
$HOME/.profile >> $HOME/.bashrc" behavior with either sourcing the marker block
into .bashrc or adding a guard (grep for the marker or PATH entry) before
modifying .bashrc.
🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@build/scripts/sshd.start`:
- Around line 70-72: The script currently appends environment exports and PATH
lines unconditionally using the lines containing "env | sed 's|^|export |' >>
$HOME/.profile" and "echo 'export PATH=$PATH:$HOME/bin' >> $HOME/.profile" which
causes duplicate entries on each restart; change this to an idempotent update by
writing a marked block to $HOME/.profile (or removing any existing
marker-delimited block first) and then appending the single block (including the
exported env lines and PATH update) once, and ensure you update .bashrc only
once by replacing the "cat $HOME/.profile >> $HOME/.bashrc" behavior with either
sourcing the marker block into .bashrc or adding a guard (grep for the marker or
PATH entry) before modifying .bashrc.
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 47d4ef32-e717-4100-8fd5-2d9b1f853b43

📥 Commits

Reviewing files that changed from the base of the PR and between cf1d448 and c040b26.

📒 Files selected for processing (1)
  • build/scripts/sshd.start

@github-actions
Copy link

github-actions bot commented Mar 23, 2026

Pull Request images published ✨

Editor amd64: quay.io/che-incubator-pull-requests/che-code:pr-673-amd64
Editor arm64: quay.io/che-incubator-pull-requests/che-code:pr-673-arm64
Dev image: quay.io/che-incubator-pull-requests/che-code-dev:pr-673-dev-amd64

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@azatsarynnyy azatsarynnyy Awaiting requested review from azatsarynnyy azatsarynnyy is a code owner

@RomanNikitenko RomanNikitenko Awaiting requested review from RomanNikitenko RomanNikitenko is a code owner

@vitaliy-guliy vitaliy-guliy Awaiting requested review from vitaliy-guliy vitaliy-guliy is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rgrunber