Because I am stupid, I deleted /lib/libgssapi_krb5.so.2 , which turns out to be crucially important to the system, trying to debug a different error. After I did that, when I run any command with sudo I get
sudo: PAM authentication error: Module is unknown
sudo: a password is required
I have tried the steps outlined here, but if I run pkexec nano /etc/pam.d/common-session-noninteractive I get
Error executing command as another user: Not authorized
This incident has been reported.
And I can’t create a file there with nano, since it requires sudo privileges. Is there any way around this? Any idea why deleting that library broke sudo?
The file you deleted is from the package krb5 which is a dependecy of audit → pam, which is a hard dependency for sudo. The config files in /etc/pam.d are set to load this library which fails because you deleted it.
But the thing is, I had another copy of /lib/libgssapi_krb5.so.2 in an environment called junest, so I added its path to LD_LIBRARY_PATH, and this solved some other issues like opening Dolphin and VSCode, but sudo still won’t work. Why wouldn’t that resolve the sudo issue if it’s purely looking for it as a dependency and the library exists on the LD path?
So I’ve mounted the filesystem to /mnt, then running pacman --sysroot /mnt -S krb5 gives
pacman --sysroot /mnt -S krb5
warning: krb5-1.20.1-1 is up to date -- reinstalling
looking for conflicting packages...
Packages (1) krb5-1.20.1-1
Total Download Size: 1.24 MiB
Total Installed Size: 4.31 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n] y
error: could not open file: /etc/mtab: No such file or directory
error: could not determine filesystem mount points
error: failed to commit transaction (unexpected error)
Errors occurred, no packages were upgraded.
Not sure why this is happening. Maybe I can just copy the existing libgssapi_krb5.so.2 into /lib manually?
This is what I ended up doing; chroot onto the filesystem, copied the symlink from the junest environment where it was available to where I had deleted it from, then sudo worked, and then reinstalled krb5 with pacman. Thanks all for your help.