[sudo-workers] Compiling sudo for AIX 5.3 with LDAP

Todd C. Miller Todd.Miller at courtesan.com
Tue Sep 13 13:07:47 EDT 2011


On Tue, 13 Sep 2011 09:18:42 PDT, Wong Ren wrote:

> When compiling sudo with LDAP on AIX 5.3, does the sudo expect IBM AIX LDAP i
> mplementation or OpenLDAP ?

Sudo expects the ldap library to be call libldap but does not require
a specific LDAP implementation.  People have used the Tivoli LDAP
with sudo before.  The configure script should probably check for
libibmldap as well if no libldap is found.

> I have the environment setup to IBM LDAP
> 
> LDFLAGS=-L/usr/ldap/lib-L/usr/ldap/lib/aix5
> CPPFLAGS=-I/usr/ldap/include
> ./configure --with-ldap
> 
> When the "make" is executed, it cannot find the libldap.a.  I had to link the
>  libibmldap.a to libldap.a in order for the make to be successful.

You could just edit plugins/sudoers/Makefile and change -lldap to
-libmldap instead.

> After "make package" and have the bff installed when running "sudo -l", I got
>  the following error:
> 
> sudo: /usr/local/libexec/sudoers.so must be only be writable by owner
> sudo: fatal error, unable to load plugins
> 
> After changing the permission to 755:
> 
> #chmod 755 /usr/local/libexec/sudoers.so
> # sudo -l
> sudo: unable to dlopen /usr/local/libexec/sudoers.so: There are too many leve
> ls of symbolic links to translate a path name.
> sudo: fatal error, unable to load plugins

It sounds like /usr/local/libexec/sudoers.so is eiter a link to
itself or a link to another file that links back to sudoers.so.

Can you send the output of:

    ls -l /usr/local/libexec/sudoers.so

Also, which version of sudo are you trying to build?

 - todd



More information about the sudo-workers mailing list