Runing a command without inheriting parent's environment
Here's an answer that doesn't require sudo privileges or the user's password, but still provides an environment like what you'd get on a fresh login.
env -i HOME="$HOME" bash -l -c 'your_command'
Example:
$ export ABC=123
$ env -i HOME="$HOME" bash -l -c 'env' | grep ABC
$ env HOME="$HOME" bash -l -c 'env' | grep ABC
ABC=123
Breaking this down for explanation:
env -i HOME="$HOME"
: Clears the environment. The-i
sets up an empty environment with no variables whatsoever. This is problematic because it means that if you try to naively runbash -l
it won't load your.bash_profile
etc. becauseHOME
isn't set. To mitigate this, we explicitly passHOME="$HOME"
, creating an environment whereHOME
(and onlyHOME
) is set.bash -l -c ...
: Runs the desired command in a login shell. You'll want a login shell for this because we're starting from a clean environment and need to reload everything.
Notably:
- This doesn't require sudo privileges (the
sudo
version does). - This doesn't require typing the user's password (the
su
version does). - This doesn't require running an SSH server and having a passwordless key that can be used to log back in to the machine (the
ssh
version does).
su -l $USER
sudo -u $USER -i
For something even more aggressive try env -i bash
, but that unsets everything including $HOME and $TERM.