Runing a command without inheriting parent's environment
Here's an answer that doesn't require sudo privileges or the user's password, but still provides an environment like what you'd get on a fresh login.
env -i HOME="$HOME" bash -l -c 'your_command'
Example:
$ export ABC=123
$ env -i HOME="$HOME" bash -l -c 'env' | grep ABC
$ env HOME="$HOME" bash -l -c 'env' | grep ABC
ABC=123
Breaking this down for explanation:
env -i HOME="$HOME": Clears the environment. The-isets up an empty environment with no variables whatsoever. This is problematic because it means that if you try to naively runbash -lit won't load your.bash_profileetc. becauseHOMEisn't set. To mitigate this, we explicitly passHOME="$HOME", creating an environment whereHOME(and onlyHOME) is set.bash -l -c ...: Runs the desired command in a login shell. You'll want a login shell for this because we're starting from a clean environment and need to reload everything.
Notably:
- This doesn't require sudo privileges (the
sudoversion does). - This doesn't require typing the user's password (the
suversion does). - This doesn't require running an SSH server and having a passwordless key that can be used to log back in to the machine (the
sshversion does).
su -l $USER
sudo -u $USER -i
For something even more aggressive try env -i bash, but that unsets everything including $HOME and $TERM.