SOLVED: 2.2.1 Upgrade breaks sudo
-
It does not help the sudo lib so problem though. But at least it clears up some system log noise and lets you create a user and put them in a group in one action.
yeah i sort of did the same thing and it seems to have fixed the groups and users , but just like you the sudo problem still exists. does sudo work for you as root? the fact that it works as root seems to point to some other groups its not a part of.
even as root I cannot sudo some simple commands, something is really broken w/ sudo
[2.2.1-RELEASE][admin@x.y.com]/etc: sudo /usr/local/sbin/pftop sudo: /usr/local/sbin/pftop: command not foundcan assure you that command exists.
-
nrpe package is also giving this:
[2.2.1-RELEASE][admin@bast.int.unixathome.org]/root: /usr/pbi/nrpe-amd64/local/libexec/nagios/check_tcp -H bast.int.unixathome.org -p 9102 Shared object "libintl.so.9" not found, required by "check_tcp"Ref: https://forum.pfsense.org/index.php?topic=90704.0
So sudo is not the only problem child package utility here. -
can fix the sudo problem my linking by hand
ln -s /usr/pbi/sudo-amd64/lib/libintl.so.9 /usr/local/libstuff works then. not sure what happened to these links. i dont know enough about how an execute inside a pbi is jailed to its own env in *bsd.
EDIT:
Maybe to force a rebuild of the ldconfig caches? -
can fix the sudo problem my linking by hand
ln -s /usr/pbi/sudo-amd64/lib/libintl.so.9 /usr/local/libstuff works then. not sure what happened to these links. i dont know enough about how an execute inside a pbi is jailed to its own env in *bsd.
EDIT:
Maybe to force a rebuild of the ldconfig caches?sudo drops the envvars on its own in the first place… Other than that, you do NOT have libintl.so.9 inside /usr/pbi/sudo-amd64/lib? Perhaps, my suggestion to anyone here would be to uninstall the pbi nonsense and install sudo via pkg.
-
sudo drops the envvars on its own in the first place… Other than that, you do NOT have libintl.so.9 inside /usr/pbi/sudo-amd64/lib? Perhaps, my suggestion to anyone here would be to uninstall the pbi nonsense and install sudo via pkg.
think there was a typo, but I do have the required libs in /usr/pbi/sudo-amd64/lib
re: you suggestion to move to pkg vs pbi, I can do that, but I am running on 4g NanoBSD image, how will this work the space constrains, last time I tried something I ran out of /var space, I guess I can increase that. will pkg work with the NanoBSD images as well?
-
think there was a typo, but I do have the required libs in /usr/pbi/sudo-amd64/lib
I totally do not understand your fix in that case.
P.S. No idea about pkg on nanobsd.
-
file exists under /urs/pbi/sudo-amd64/lib, I am cerating a link TO that file in the /usr/local/lib folder so it know to find it where its looking, for whatever reason sudo doesn't look in its own lib folders first
ln -s SOURCE TARGET
-
So you do not have that under /usr/local/lib?
$ ls -l /usr/local/lib/libintl.* -rw-r--r-- 1 root wheel 57216 Aug 26 2013 /usr/local/lib/libintl.a -rw-r--r-- 1 root wheel 972 Aug 26 2013 /usr/local/lib/libintl.la lrwxr-xr-x 1 root wheel 12 Sep 6 2013 /usr/local/lib/libintl.so -> libintl.so.9 -rw-r--r-- 1 root wheel 45501 Mar 13 14:49 /usr/local/lib/libintl.so.8 -rw-r--r-- 1 root wheel 45351 Feb 28 13:18 /usr/local/lib/libintl.so.9Dunno guys what's up with your boxes.
-
sudo seems fine for me on My APU (Full install, amd64), though ALIX (NanoBSD, i386) does show the issue.
I recompiled the package since there was an update to sudo anyhow, it should show up in 15-30 mins or so, give it another try then.
Is everyone with this problem running NanoBSD? Or i386? There must be some common factor.
-
sudo seems fine for me on My APU (Full install, amd64), though ALIX (NanoBSD, i386) does show the issue.
I recompiled the package since there was an update to sudo anyhow, it should show up in 15-30 mins or so, give it another try then.
Is everyone with this problem running NanoBSD? Or i386? There must be some common factor.
I am on NanoBSD AMD64, on APU1D4.
-
Is everyone with this problem running NanoBSD? Or i386? There must be some common factor.
I can see pretty much everyone here with the issue being on amd64, except Phil who reproduced it on i386 as well.
(The common factor seems to be the PBI hardlinking clusterfuck, frankly…)
-
(The common factor seems to be the PBI hardlinking clusterfuck, frankly…)
:-)
apart from the PBI :-), the common factor is also NanoBSD, i think. jimp can you tell me if I should have libintl.so.9 lib in my default image? I didn't think so.
-
I'm offended by the term "PBI"
-
The same binaries work on 2.2 but not 2.2.1 so there must be something that changed there.
So far I can only reproduce it on NanoBSD/i386 but I don't have an amd64 NanoBSD install handy to test.
On my full install I have a libintl.so.9 in /usr/local/lib/ dated Janurary (~2.2-RELEASE time) and it's not on i386.
On your NanoBSD install, check the old slice:
: mount -t ufs /dev/ufs/pfsense1 /mnt : ls -l /mnt/usr/local/lib/libintl*or use pfsense0 if that was your previous slice.
The card I'm using started on 2.2.1 snapshots so I can't test that particular case quickly.
-
On my full install I have a libintl.so.9 in /usr/local/lib/ dated Janurary (~2.2-RELEASE time) and it's not on i386.
i386 full install:
$ ls -l /usr/local/lib/libintl.* -rw-r--r-- 1 root wheel 57216 Aug 26 2013 /usr/local/lib/libintl.a -rw-r--r-- 1 root wheel 972 Aug 26 2013 /usr/local/lib/libintl.la lrwxr-xr-x 1 root wheel 12 Sep 6 2013 /usr/local/lib/libintl.so -> libintl.so.9 -rw-r--r-- 1 root wheel 45501 Mar 13 14:49 /usr/local/lib/libintl.so.8 -rw-r--r-- 1 root wheel 45351 Feb 28 13:18 /usr/local/lib/libintl.so.9libintl.so.9 would be the 2.2.1 snapshots, libintl.so.8 is the 2.2.1 release. The static junk, no idea.
i386 nano:
$ ls -l /usr/local/lib/libintl.* -rw-r--r-- 1 root wheel 45501 Mar 13 14:49 /usr/local/lib/libintl.so.8and nothing else. Dunno guys what are you doing with gettext there.
-
Found it
2.2-RELEASE SLICE
/mnt/usr/local/lib: ls -l libintl* -rw-r--r-- 1 root wheel 97760 Jan 28 00:32 libintl.a lrwxr-xr-x 1 root wheel 16 Jan 28 00:32 libintl.so -> libintl.so.8.1.3 lrwxr-xr-x 1 root wheel 16 Jan 28 00:32 libintl.so.8 -> libintl.so.8.1.3 -rw-r--r-- 1 root wheel 50998 Jan 28 00:32 libintl.so.8.1.3 lrwxr-xr-x 1 root wheel 12 Jan 28 00:32 libintl.so.9 -> libintl.so.82.2.1-RELEASE SLICE
/usr/local/lib: ls -l libintl* -rw-r--r-- 1 root wheel 55319 Mar 13 09:38 libintl.so.8 lrwxr-xr-x 1 root wheel 36 Mar 18 09:47 libintl.so.9 -> /usr/pbi/sudo-amd64/lib/libintl.so.9that last one is a symlink that I just created to get it to work.
-
just checked the upgrade log, looks like it was never in the file list for 2.2.1-RELEASE
... /tmp/pfSense1/usr/local/lib/libidn.so.11 /tmp/pfSense1/usr/local/lib/libintl.so.8 /tmp/pfSense1/usr/local/lib/libpdel.so.0 /tmp/pfSense1/usr/local/lib/libexpat.so.1 ...ln -s libintl.so.8 libintl.so.9 ```f fixes things as well. -
@jimp: When did you rebuild the gettext thing for the last time on nano?
https://forums.freebsd.org/threads/shared-object-libintl-so-9-not-found.49320/
-
Not sure, wasn't me so I couldn't say for certain.
-
After looking things over, it really shouldn't have been working on 2.2-REL and was only doing so by accident apparently.
The sudo PBI wrapper should be gathering its own libraries, but for some reason it is not.
If you nudge it with ldconfig it should work (until reboot):
ldconfig -m /usr/pbi/sudo-`uname -m`/local/lib/I can add that command to the package sync for sudo as an interim fix, other affected packages would need a similar fix. We're looking into a better long-term solution.
