[sudo-workers] sudoers.so in an AIX archive rather than as a file
Todd C. Miller
Todd.Miller at courtesan.com
Wed Mar 22 11:16:25 MDT 2017
Sudo does not support the "archive.a(member.so)" syntax.
Currently, sudo creates SVR4-style shared objects on AIX by using
the -brtl loader flag. This makes it possible to install shared
objects as .so files on all platforms, including AIX. Having the
plugins use a common file name across platforms is a good thing
since it makes it easier to distribute a single set of sudo
configuration files in a heterogenerous environment. This is
especially important for the group provider plugin, since the path
for it is directly specified in sudoers.
As far as I know, libtool (which sudo uses to create shared objects)
does not have support for building both 32-bit and 64-bit object
files. In the case of sudo_noexec it is probably not too difficult
to do so but will require changes to configure and the Makefiles.
It will no longer be possible to use libtool to build the shared
object.
It probably makes the most sense to always explicitly build sudo
as a 32-bit executable on AIX and then build a 64-bit version of
sudo_noexec.c in addition to the 32-bit version if supported by the
compiler. As far as I know, AIX doesn't support 32-bit and 64-bit
object files in the same executable, please correct me if I'm wrong.
- todd
More information about the sudo-workers
mailing list