Skip to content

DevContainer populate system file /etc/environment and broke sudo and su. #11320

New issue
New issue
Open
Open
DevContainer populate system file /etc/environment and broke sudo and su.#11320
Assignees
chrmarti
Labels
containersIssue in vscode-remote containers
@etirta

Description

@etirta
etirta
opened on Nov 20, 2025

The VS Code Extension, when attaching to a running Container, it writes some env. var. to /etc/environment. This breaks sudo and su as the HOME env. var. is no longer set to the appropriate target user's home dir. (or /root for sudo) and cause a lot of issues.

One should NEVER set HOME env. var. on /etc/environment, as it will override that env. var. for everyone in the system. Luckily the env. var. USER is still correct (may be it got set after /etc/environment setting).

  • VSCode Version:
Version: 1.106.1 (system setup)
Commit: cb1933bbc38d329b3595673a600fab5c7368f0a7
Date: 2025-11-16T10:20:23.745Z
Electron: 37.7.0
ElectronBuildId: 12781156
Chromium: 138.0.7204.251
Node.js: 22.20.0
V8: 13.8.258.32-electron.0
OS: Windows_NT x64 10.0.26100
  • Local OS Version: Windows_NT x64 10.0.26100
  • Remote OS Version:
NAME="CentOS Stream"
VERSION="10 (Coughlan)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="10"
PLATFORM_ID="platform:el10"
PRETTY_NAME="CentOS Stream 10 (Coughlan)"
ANSI_COLOR="0;31"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:centos:centos:10"
HOME_URL="https://centos.org/"
VENDOR_NAME="CentOS"
VENDOR_URL="https://centos.org/"
BUG_REPORT_URL="https://issues.redhat.com/"
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 10"
REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"
  • Remote Extension/Connection Type: Dev Containers
  • Logs:
$ cat /etc/environment 

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
container="oci"
TERM="xterm"
HOME="/home/etirtara"
USER="etirtara"
HOSTNAME="55455cb8862c"

Steps to Reproduce:

  1. Prepare a Container Image that has multiple user and can perform sudo and su.
  2. Start that Container (I used podman) on Remote Host.
  3. Ensure the /etc/environment is empty.
  4. Use VS Code Extension DevContainer Attach to Running Container.
  5. Check the content of /etc/environment is now populated.
  6. The modified time stamp of /etc/environment match the time the VS Code server in the Container is started.
  7. Now do either su to another user or sudo -i to become root. Then to printenv, the env. var. HOME is set to /home/etirtara because it's overridden by /etc/environment settings.

Does this issue occur when you try this locally?: Yes/No
Does this issue occur when you try this locally and all extensions are disabled?: Yes/No

Metadata

Metadata

Assignees

Labels

containersIssue in vscode-remote containers

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions