Error when I try installing things via pacman

stolen_cinnamon · 27 December 2021 07:32

i get this error whenever I try installing anything via pacman, pamac works fine but its a bother opening it

sudo: error in /etc/sudo.conf, line 0 while loading plugin “sudoers_policy”
sudo: unable to load /usr/lib/sudo/sudoers.so: libldap-2.4.so.2: cannot open shared object file: No such file or directory
sudo: fatal error, unable to load plugins

Mirdarthos · 27 December 2021 07:46

Hi @stolen_cinnamon,

To me it looks like that’s because there’s something wrong in/with your sudoers file…

Please post the contents of /etc/sudoers:

sudo cat /etc/sudoers

(It doesn’t contain password or some such.)

Pamac would work fine, IIRC because it uses Polkit to authenticate/obtain required permissions.

I recommend using it anyway, but in this case, the sudo error needs to be dealt with anyway.

gudjonragnar · 27 December 2021 11:18

I am facing the same error and when I try sudo cat /etc/sudoers I get the same error again (since I using sudo I guess).

cscs · 27 December 2021 11:22

# become root
su
# you can probably now print using cat
cat /etc/sudoers
# to open or edit the file use visudo always (and in this case use an env var so its nano instead of vi)
SUDO_EDITOR=/usr/bin/micro; visudo /etc/sudoers

gudjonragnar · 27 December 2021 11:27

I am on a brand new install of Manjaro KDE Plasma if that is relevant at all

## sudoers file.
##
## This file MUST be edited with the 'visudo' command as root.
## Failure to use 'visudo' may result in syntax or file permission errors
## that prevent sudo from running.
##
## See the sudoers man page for the details on how to write a sudoers file.
##

##
## Host alias specification
##
## Groups of machines. These may include host names (optionally with wildcards),
## IP addresses, network numbers or netgroups.
# Host_Alias    WEBSERVERS = www1, www2, www3

##
## User alias specification
##
## Groups of users.  These may consist of user names, uids, Unix groups,
## or netgroups.
# User_Alias    ADMINS = millert, dowdy, mikef

##
## Cmnd alias specification
##
## Groups of commands.  Often used to group related commands together.
# Cmnd_Alias    PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
#         /usr/bin/pkill, /usr/bin/top
# Cmnd_Alias    REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff

##
## Defaults specification
##
## You may wish to keep some of the following environment variables
## when running commands via sudo.
##
## Locale settings
# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
##
## Run X applications through sudo; HOME is used to find the
## .Xauthority file.  Note that other programs use HOME to find   
## configuration files and this may lead to privilege escalation!
# Defaults env_keep += "HOME"
##
## X11 resource path settings
# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
##
## Desktop path settings
# Defaults env_keep += "QTDIR KDEDIR"
##
## Allow sudo-run commands to inherit the callers' ConsoleKit session
# Defaults env_keep += "XDG_SESSION_COOKIE"
##
## Uncomment to enable special input methods.  Care should be taken as
## this may allow users to subvert the command being run via sudo.
# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
##
## Uncomment to use a hard-coded PATH instead of the user's to find commands
# Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
##
## Uncomment to send mail if the user does not enter the correct password.
# Defaults mail_badpass
##
## Uncomment to enable logging of a command's output, except for
## sudoreplay and reboot.  Use sudoreplay to play back logged sessions.
# Defaults log_output
# Defaults!/usr/bin/sudoreplay !log_output
# Defaults!/usr/local/bin/sudoreplay !log_output
# Defaults!REBOOT !log_output

##
## Runas alias specification
##

##
## User privilege specification
##
root ALL=(ALL) ALL

## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL

## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL

## Uncomment to allow members of group sudo to execute any command
# %sudo ALL=(ALL) ALL

## Uncomment to allow any user to run sudo if they know the password
## of the user they are running the command as (root by default).
# Defaults targetpw  # Ask for the password of the target user
# ALL ALL=(ALL) ALL  # WARNING: only use this together with 'Defaults targetpw'

## Read drop-in files from /etc/sudoers.d
@includedir /etc/sudoers.d

ishaan2479 · 27 December 2021 11:39

The file has the wrong permissions, it should only be writable by the owner, and its currently not.

To confirm that run:

ls -l /usr/lib/sudo/sudoers.so

When the permissions are correct, that should print -rw-r--r--:

-rw-r--r-- 1 root root 624360 Nov 13 14:43 /usr/lib/sudo/sudoers.so

EDIT (thanks @Mirdarthos )
To fix the issue run:

sudo su
chmod 644 /usr/lib/sudo/sudoers.so
chown -R root /usr/lib/sudo
exit

Mirdarthos · 27 December 2021 11:49

This won’t work. Running things with sudo is exactly the problem right now.

Instead, do as @cscs said and first become root then no sudo is neccessary:

Become root:

su -

Set the correct ownership and permissions on the file:

chmod 644 /usr/lib/sudo/sudoers.so
chown -R root /usr/lib/sudo

Hope this helps!

linux-aarhus · 27 December 2021 11:49

This is a very unusual error - espcially for a - as you claim - new install.

If that is true - and there is no reason it is not - the installation must be flawed - most likely a disk error.

I ran a search for the missing file libldap and on a fully up-to-date Manjaro on unstable branch there is no version 2.4 of the libldap - there is other issues at play - I find find it peculiar the message references a libray version which do not exist on Manjaro

➜  ~ find /usr -name 'libldap*'
find: ‘/usr/share/polkit-1/rules.d’: Permission denied
/usr/share/licenses/libldap
find: ‘/usr/lib/firmware/b43legacy’: Permission denied
find: ‘/usr/lib/firmware/b43’: Permission denied
/usr/lib/libreoffice/program/libldapbe2lo.so
/usr/lib/libldap.so.2.0.200
/usr/lib/thunderbird/libldap60.so
/usr/lib/libldap.so.2
/usr/lib/libldap.so

gudjonragnar · 27 December 2021 12:05

I just went through my history and I see that I installed base-devel with sudo pacman -S base-devel, which includes sudo if I am not mistaken. Perhaps that has corrupted my installation?
When I run the find command I see:

/usr/lib/thunderbird/libldap60.so
/usr/lib/libldap.so
find: ‘/usr/lib/firmware/b43’: Permission denied
find: ‘/usr/lib/firmware/b43legacy’: Permission denied
/usr/lib/libldap.so.2
/usr/lib/libldap.so.2.0.200
/usr/lib32/libldap.so
/usr/lib32/libldap.so.2
/usr/lib32/libldap.so.2.0.200
/usr/share/licenses/libldap
find: ‘/usr/share/polkit-1/rules.d’: Permission denied

I remember that I did not face the issue before that (otherwise I would have gotten the error when installing base-devel)

linux-aarhus · 27 December 2021 12:09

No - sudo is installed as a part of the base installation - and is a separate package - sudo.

The shared library reference is puzzling - because unless the system is part of a larger network with SSO there is no need to use the libldap library.

So why is sudo trying to use a version of ldap which is not linked by the default Manjaro (Arch) sudo binary? Which - at the moment - is libldap.so.2 and not libldap-2.4.so.2.

This makes me speculate - the naming convention libldap-2.4.so.2 looks more like a debian based name than Arch.

xabbu · 27 December 2021 12:12

interesting to see would be

ldd /usr/lib/sudo/sudoers.so

and

pacman -Qo /usr/lib/sudo/sudoers.so

gudjonragnar · 27 December 2021 12:15

ldd: warning: you do not have execution permission for `/usr/lib/sudo/sudoers.so'
  linux-vdso.so.1 (0x00007fff76509000)
  libpam.so.0 => /usr/lib/libpam.so.0 (0x00007faefdf7b000)
  libldap-2.4.so.2 => not found
  liblber-2.4.so.2 => not found
  libssl.so.1.1 => /usr/lib/libssl.so.1.1 (0x00007faefdee9000)
  libsudo_util.so.0 => /usr/lib/sudo/libsudo_util.so.0 (0x00007faefdecd000)
  libcrypto.so.1.1 => /usr/lib/libcrypto.so.1.1 (0x00007faefdbee000)
  libpthread.so.0 => /usr/lib/libpthread.so.0 (0x00007faefdbcb000)
  libdl.so.2 => /usr/lib/libdl.so.2 (0x00007faefdbc4000)
  libz.so.1 => /usr/lib/libz.so.1 (0x00007faefdbaa000)
  libc.so.6 => /usr/lib/libc.so.6 (0x00007faefd9de000)
  libaudit.so.1 => /usr/lib/libaudit.so.1 (0x00007faefd9b1000)
  /usr/lib64/ld-linux-x86-64.so.2 (0x00007faefe04d000)
  libcap-ng.so.0 => /usr/lib/libcap-ng.so.0 (0x00007faefd9a6000)

and

/usr/lib/sudo/sudoers.so is owned by sudo 1.9.8.p2-1

respectively

linux-aarhus · 27 December 2021 12:18

This explains the failure - but the mystery still stands - odd name

On my system the sudo package is newer - catering for the unstable branch

/usr/lib/sudo/sudoers.so is owned by sudo 1.9.8.p2-3

Checking with branch-compare - the version of sudo on all branches is 1.9.8.p2-3

Switch to root

su

Then run

pacman-mirrors --continent && pacman -Syyu

xabbu · 27 December 2021 12:21

The current version of sudo for the stable branch is 1.9.8.p2-3

Which means you installed packages before you did an update. This is called a partial update. It is not supported and can results is problems like this. You need to update your system.

Always update before installing new packages.

gudjonragnar · 27 December 2021 12:30

Thanks, this did it. I apparently had to update the mirrors information!
Just to have it completely correct for others to follow, the command should be

pacman-mirrors --continent && pacman -Syyu

without the sudo Tusind tak

linux-aarhus · 27 December 2021 12:36

Det var en fejl - den er rettet - du er velkommen

system · 31 December 2021 06:00

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.