Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Unable to use the Sudo command. "0509-130 Symbol resolution failed for sudo because:"
Top Forums UNIX for Dummies Questions & Answers Unable to use the Sudo command. "0509-130 Symbol resolution failed for sudo because:" Post 302381986 by TonyFullerMalv on Monday 21st of December 2009 04:09:55 PM
Old 12-21-2009
I am more used to Solaris where I would use the ldd command to check that all the libraries are present and correct, the FAQ at:
2.27: Where can I find ldd for AIX?
says where ldd for AIX is available.

To use ldd(1) you would cd to where sudo lives and then run:
Code:
$ ldd ./sudo

This checks all the libraries are present, then run:
Code:
$ ldd -r ./sudo

This will check all the symbols are present, this will show you which libraries you require more up to date versions of.

To make a more up to date library files available to only sudo you can cheat and write a wrapper script that puts the directory where you have put the more up to date libraries first (not one of the normal library directories) in the LD_LIBRARY_PATH and then call sudo $@. This is a kludge in some folks opinions but it works!
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Possible to give non root user sudo to "crontab -l"

Does anyone know if this is possible? I want to give some users access to root's crontab but only with a read privilege. Is this possible to do or can only root or people with full root sudo view root's cron? (4 Replies)
Discussion started by: LordJezoX
4 Replies

2. UNIX for Dummies Questions & Answers

changing password with sudo user " permission denied"

HI All, I am using solaris i created a user adam and updated his permissions in vi sudoers file as follows adam ALL=(ALL) NOPASSWORD: ALL ........... when i create user by logging as sudo user . $ sudo useradd -d /home/kalyan -m -s /bin/sh kalyan sudo: not found ... (6 Replies)
Discussion started by: kalyankalyan
6 Replies

3. Shell Programming and Scripting

sudo dd if=/dev/sdb1 of="disk-image"

sudo dd if=/dev/sdb1 of="disk-image" can anyone explain roughly to me is it this code do some recovery from /dev/sdb then output it to "disk-image" ? But then how can i access the "disk-image"? it cannot be read , and it told me its a binary file... (2 Replies)
Discussion started by: obanajunichiro
2 Replies

4. HP-UX

How to set up "sudo su -" to root with no need to type password?

Tittle has it.... Thanks friends... (2 Replies)
Discussion started by: 300zxmuro
2 Replies

5. UNIX for Dummies Questions & Answers

security problem with "sudo" for shutdown?

I am a UNIX user but not an admin. I am asking our admins to create a "sudo" command to allow shutting down our AIX workstations gracefully (without just pulling the plug). Is there a way to prevent the user from executing "shutdown" on another workstation or server on the network? (2 Replies)
Discussion started by: kg6iia
2 Replies

6. UNIX for Dummies Questions & Answers

Do I need to be "Sudo" user for file movement fr

Hi Experts Do I need to have "Sudo" privileges or user for file movement for file movement from one remote server to another or from local to remote server?:wall: (6 Replies)
Discussion started by: parpaa
6 Replies

7. Shell Programming and Scripting

Expect: spawn id exp5 not open while executing "expect "$" { send "sudo su -\r" }"

Hi All, i am trying to ssh to a remote machine and execute certain command to remote machine through script. i am able to ssh but after its getting hung at the promt and after pressing ctrl +d i am gettin the out put as expect: spawn id exp5 not open while executing "expect "$" {... (3 Replies)
Discussion started by: Siddharth shivh
3 Replies

8. Shell Programming and Scripting

Explaining behaviour of sudo bash "$0" "$@";

I've found this script part on the stackoverflow: if ; then sudo bash "$0" "$@"; exit "$?"; fi I realized that sudo bash "$0" "$@"; is the only needed for me. But the strange thing happens when I move this line outside the IF statement: sudo bash "$0" "$@"; stops the... (9 Replies)
Discussion started by: boqsc
9 Replies

9. UNIX for Beginners Questions & Answers

I misused: "sudo rm -rf /*"

Hey Guys, I have literally shot my myself in the head... I tried to use "sudo rm -rf /*" in Terminal (OSX); Unfortunately, I forgot cd Desktop. After I realized it, I was like :eek: After that i tried exit; but rm was a background command, so this did not work either... I came to late for... (5 Replies)
Discussion started by: SuchtyTV
5 Replies

10. UNIX for Advanced & Expert Users

"sudo su -" showing lot of information on OpenLDAP

Hello, I have configured new LDAP and new LDAP clients. When I do "sudo su -", it shows me lot of information, which is not required on screen. I am not sure, if any debug mode is enabled or from where it can be turned off. Please suggest, if it is know for you. -bash-3.2$ sudo su - sudo:... (8 Replies)
Discussion started by: solaris_1977
8 Replies

LEARN ABOUT CENTOS

sssd-sudo

SSSD-SUDO(5)						   File Formats and Conventions 					      SSSD-SUDO(5)

NAME

       sssd-sudo - Configuring sudo with the SSSD back end

DESCRIPTION

       This manual page describes how to configure sudo(8) to work with sssd(8) and how SSSD caches sudo rules.

CONFIGURING SUDO TO COOPERATE WITH SSSD

       To enable SSSD as a source for sudo rules, add sss to the sudoers entry in nsswitch.conf(5).

       For example, to configure sudo to first lookup rules in the standard sudoers(5) file (which should contain rules that apply to local users)
       and then in SSSD, the nsswitch.conf file should contain the following line:

	   sudoers: files sss

       More information about configuring the sudoers search order from the nsswitch.conf file as well as information about the LDAP schema that
       is used to store sudo rules in the directory can be found in sudoers.ldap(5).

       Note: in order to use netgroups or IPA hostgroups in sudo rules, you also need to correctly set nisdomainname(1) to your NIS domain name
       (which equals to IPA domain name when using hostgroups).

CONFIGURING SSSD TO FETCH SUDO RULES

       All configuration that is needed on SSSD side is to extend the list of services with "sudo" in [sssd] section of sssd.conf(5). To speed up
       the LDAP lookups, you can also set search base for sudo rules using ldap_sudo_search_base option.

       The following example shows how to configure SSSD to download sudo rules from an LDAP server.

	   [sssd]
	   config_file_version = 2
	   services = nss, pam, sudo
	   domains = EXAMPLE

	   [domain/EXAMPLE]
	   id_provider = ldap
	   sudo_provider = ldap
	   ldap_uri = ldap://example.com
	   ldap_sudo_search_base = ou=sudoers,dc=example,dc=com

       When the SSSD is configured to use IPA as the ID provider, the sudo provider is automatically enabled. The sudo search base is configured
       to use the compat tree (ou=sudoers,$DC).

THE SUDO RULE CACHING MECHANISM

       The biggest challenge, when developing sudo support in SSSD, was to ensure that running sudo with SSSD as the data source provides the same
       user experience and is as fast as sudo but keeps providing the most current set of rules as possible. To satisfy these requirements, SSSD
       uses three kinds of updates. They are referred to as full refresh, smart refresh and rules refresh.

       The smart refresh periodically downloads rules that are new or were modified after the last update. Its primary goal is to keep the
       database growing by fetching only small increments that do not generate large amounts of network traffic.

       The full refresh simply deletes all sudo rules stored in the cache and replaces them with all rules that are stored on the server. This is
       used to keep the cache consistent by removing every rule which was deleted from the server. However, full refresh may produce a lot of
       traffic and thus it should be run only occasionally depending on the size and stability of the sudo rules.

       The rules refresh ensures that we do not grant the user more permission than defined. It is triggered each time the user runs sudo. Rules
       refresh will find all rules that apply to this user, check their expiration time and redownload them if expired. In the case that any of
       these rules are missing on the server, the SSSD will do an out of band full refresh because more rules (that apply to other users) may have
       been deleted.

       If enabled, SSSD will store only rules that can be applied to this machine. This means rules that contain one of the following values in
       sudoHost attribute:

       o   keyword ALL

       o   wildcard

       o   netgroup (in the form "+netgroup")

       o   hostname or fully qualified domain name of this machine

       o   one of the IP addresses of this machine

       o   one of the IP addresses of the network (in the form "address/mask")

       There are many configuration options that can be used to adjust the behavior. Please refer to "ldap_sudo_*" in sssd-ldap(5) and "sudo_*" in
       sssd.conf(5).

SEE ALSO

       sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8),
       sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8),
       sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),pam_sss(8).

AUTHORS

       The SSSD upstream - http://fedorahosted.org/sssd

SSSD
								    06/17/2014							      SSSD-SUDO(5)
All times are GMT -4. The time now is 11:22 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy