i get this error whenever I try installing anything via pacman, pamac works fine but its a bother opening it
sudo: error in /etc/sudo.conf, line 0 while loading plugin “sudoers_policy”
sudo: unable to load /usr/lib/sudo/sudoers.so: libldap-2.4.so.2: cannot open shared object file: No such file or directory
sudo: fatal error, unable to load plugins
Hi @stolen_cinnamon,
To me it looks like that’s because there’s something wrong in/with your sudoers file…
Please post the contents of /etc/sudoers:
sudo cat /etc/sudoers
(It doesn’t contain password or some such.)
Pamac would work fine, IIRC because it uses Polkit to authenticate/obtain required permissions.
I recommend using it anyway, but in this case, the sudo error needs to be dealt with anyway.
I am facing the same error and when I try sudo cat /etc/sudoers I get the same error again (since I using sudo I guess).
# become root
su
# you can probably now print using cat
cat /etc/sudoers
# to open or edit the file use visudo always (and in this case use an env var so its nano instead of vi)
SUDO_EDITOR=/usr/bin/micro; visudo /etc/sudoers
I am on a brand new install of Manjaro KDE Plasma if that is relevant at all
## sudoers file.
##
## This file MUST be edited with the 'visudo' command as root.
## Failure to use 'visudo' may result in syntax or file permission errors
## that prevent sudo from running.
##
## See the sudoers man page for the details on how to write a sudoers file.
##
##
## Host alias specification
##
## Groups of machines. These may include host names (optionally with wildcards),
## IP addresses, network numbers or netgroups.
# Host_Alias WEBSERVERS = www1, www2, www3
##
## User alias specification
##
## Groups of users. These may consist of user names, uids, Unix groups,
## or netgroups.
# User_Alias ADMINS = millert, dowdy, mikef
##
## Cmnd alias specification
##
## Groups of commands. Often used to group related commands together.
# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
# /usr/bin/pkill, /usr/bin/top
# Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
##
## Defaults specification
##
## You may wish to keep some of the following environment variables
## when running commands via sudo.
##
## Locale settings
# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
##
## Run X applications through sudo; HOME is used to find the
## .Xauthority file. Note that other programs use HOME to find
## configuration files and this may lead to privilege escalation!
# Defaults env_keep += "HOME"
##
## X11 resource path settings
# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
##
## Desktop path settings
# Defaults env_keep += "QTDIR KDEDIR"
##
## Allow sudo-run commands to inherit the callers' ConsoleKit session
# Defaults env_keep += "XDG_SESSION_COOKIE"
##
## Uncomment to enable special input methods. Care should be taken as
## this may allow users to subvert the command being run via sudo.
# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
##
## Uncomment to use a hard-coded PATH instead of the user's to find commands
# Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
##
## Uncomment to send mail if the user does not enter the correct password.
# Defaults mail_badpass
##
## Uncomment to enable logging of a command's output, except for
## sudoreplay and reboot. Use sudoreplay to play back logged sessions.
# Defaults log_output
# Defaults!/usr/bin/sudoreplay !log_output
# Defaults!/usr/local/bin/sudoreplay !log_output
# Defaults!REBOOT !log_output
##
## Runas alias specification
##
##
## User privilege specification
##
root ALL=(ALL) ALL
## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL
## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
## Uncomment to allow members of group sudo to execute any command
# %sudo ALL=(ALL) ALL
## Uncomment to allow any user to run sudo if they know the password
## of the user they are running the command as (root by default).
# Defaults targetpw # Ask for the password of the target user
# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
## Read drop-in files from /etc/sudoers.d
@includedir /etc/sudoers.d
The file has the wrong permissions, it should only be writable by the owner, and its currently not.
To confirm that run:
ls -l /usr/lib/sudo/sudoers.so
When the permissions are correct, that should print -rw-r--r--:
-rw-r--r-- 1 root root 624360 Nov 13 14:43 /usr/lib/sudo/sudoers.so
EDIT (thanks @Mirdarthos )
To fix the issue run:
sudo su
chmod 644 /usr/lib/sudo/sudoers.so
chown -R root /usr/lib/sudo
exit
This won’t work. Running things with sudo is exactly the problem right now.
Instead, do as @cscs said and first become root then no sudo is neccessary:
root:su -
chmod 644 /usr/lib/sudo/sudoers.so
chown -R root /usr/lib/sudo
Hope this helps!
This is a very unusual error - espcially for a - as you claim - new install.
If that is true - and there is no reason it is not - the installation must be flawed - most likely a disk error.
I ran a search for the missing file libldap and on a fully up-to-date Manjaro on unstable branch there is no version 2.4 of the libldap - there is other issues at play - I find find it peculiar the message references a libray version which do not exist on Manjaro
➜ ~ find /usr -name 'libldap*'
find: ‘/usr/share/polkit-1/rules.d’: Permission denied
/usr/share/licenses/libldap
find: ‘/usr/lib/firmware/b43legacy’: Permission denied
find: ‘/usr/lib/firmware/b43’: Permission denied
/usr/lib/libreoffice/program/libldapbe2lo.so
/usr/lib/libldap.so.2.0.200
/usr/lib/thunderbird/libldap60.so
/usr/lib/libldap.so.2
/usr/lib/libldap.so
I just went through my history and I see that I installed base-devel with sudo pacman -S base-devel, which includes sudo if I am not mistaken. Perhaps that has corrupted my installation?
When I run the find command I see:
/usr/lib/thunderbird/libldap60.so
/usr/lib/libldap.so
find: ‘/usr/lib/firmware/b43’: Permission denied
find: ‘/usr/lib/firmware/b43legacy’: Permission denied
/usr/lib/libldap.so.2
/usr/lib/libldap.so.2.0.200
/usr/lib32/libldap.so
/usr/lib32/libldap.so.2
/usr/lib32/libldap.so.2.0.200
/usr/share/licenses/libldap
find: ‘/usr/share/polkit-1/rules.d’: Permission denied
I remember that I did not face the issue before that (otherwise I would have gotten the error when installing base-devel)
No - sudo is installed as a part of the base installation - and is a separate package - sudo.
The shared library reference is puzzling - because unless the system is part of a larger network with SSO there is no need to use the libldap library.
So why is sudo trying to use a version of ldap which is not linked by the default Manjaro (Arch) sudo binary? Which - at the moment - is libldap.so.2 and not libldap-2.4.so.2.
This makes me speculate - the naming convention libldap-2.4.so.2 looks more like a debian based name than Arch.
interesting to see would be
ldd /usr/lib/sudo/sudoers.so
and
pacman -Qo /usr/lib/sudo/sudoers.so
ldd: warning: you do not have execution permission for `/usr/lib/sudo/sudoers.so'
linux-vdso.so.1 (0x00007fff76509000)
libpam.so.0 => /usr/lib/libpam.so.0 (0x00007faefdf7b000)
libldap-2.4.so.2 => not found
liblber-2.4.so.2 => not found
libssl.so.1.1 => /usr/lib/libssl.so.1.1 (0x00007faefdee9000)
libsudo_util.so.0 => /usr/lib/sudo/libsudo_util.so.0 (0x00007faefdecd000)
libcrypto.so.1.1 => /usr/lib/libcrypto.so.1.1 (0x00007faefdbee000)
libpthread.so.0 => /usr/lib/libpthread.so.0 (0x00007faefdbcb000)
libdl.so.2 => /usr/lib/libdl.so.2 (0x00007faefdbc4000)
libz.so.1 => /usr/lib/libz.so.1 (0x00007faefdbaa000)
libc.so.6 => /usr/lib/libc.so.6 (0x00007faefd9de000)
libaudit.so.1 => /usr/lib/libaudit.so.1 (0x00007faefd9b1000)
/usr/lib64/ld-linux-x86-64.so.2 (0x00007faefe04d000)
libcap-ng.so.0 => /usr/lib/libcap-ng.so.0 (0x00007faefd9a6000)
and
/usr/lib/sudo/sudoers.so is owned by sudo 1.9.8.p2-1
respectively
This explains the failure - but the mystery still stands - odd name
On my system the sudo package is newer - catering for the unstable branch
/usr/lib/sudo/sudoers.so is owned by sudo 1.9.8.p2-3
Checking with branch-compare - the version of sudo on all branches is 1.9.8.p2-3
Switch to root
su
Then run
pacman-mirrors --continent && pacman -Syyu
The current version of sudo for the stable branch is 1.9.8.p2-3
Which means you installed packages before you did an update. This is called a partial update. It is not supported and can results is problems like this. You need to update your system.
Always update before installing new packages.
Thanks, this did it. I apparently had to update the mirrors information!
Just to have it completely correct for others to follow, the command should be
pacman-mirrors --continent && pacman -Syyu
without the sudo 
Tusind tak
Det var en fejl - den er rettet - du er velkommen
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.