[sudo-workers] sudoers.so in an AIX archive rather than as a file

mamfelt at felt.demon.nl mamfelt at felt.demon.nl
Wed Mar 22 03:07:43 MDT 2017


Just wondering if you have any experience (on AIX ideally) supporting
both 32-bit and 64-bit applications.

When NOEXEC is not required I do not think it matters, but
when I performed my first experiment with NOEXEC on /usr/bin/more
it failed because it said it could not load sudo_noexec.so

That was correct - because more (and most utils) is a 32-bit application
and sudo_noexec.so (and the rest) had been compiled in 64-bit mode.

AIX, natively, uses an archive with "members" that support one of the
"bit" modes. e.g.,

ar -X32 tv /usr/lib/libintl.a libintl.so.8
rwxr-xr-x     0/0      79727 Aug 21 18:17 2016 libintl.so.8

ar -X64 tv /usr/lib/libintl.a libintl.so.8
rwxr-xr-x     0/0      87530 Aug 21 16:45 2016 libintl.so.8

so dlopen() can open one, or the other, depending on the bit mode the
application has.

Bottom line: does sudo already support this "archive.a(member.so)" syntax?

If yes, how to get configure (or would that be mkpkg) to setup Makefile
and the application to use something such as:

                Plugin sudoers_policy sudoers.a
                Plugin sudoers_policy sudoers.a(sudoers.so)

Note that all .so files currently in /opt/libexec/lib could be in a single
libsudo.a file - and even located in /usr/lib or /opt/lib
rather than in a libexec directory.

Thanks for your time and consideration!


More information about the sudo-workers mailing list