You are not logged in.

Pages: 1

#1 2022-03-26 08:49:18

schard
Forum Moderator
From: Hannover
Registered: 2016-05-06
Posts: 1,978
Website

[NOT POSSIBLE] Recover broken sudo on remote system

I did a blooper due to a partial upgrade.
I intended to just upgrade archlinux-keyring of an old system first via

$ sudo pacman -Sy archlinux-keyring

to avoid broken package messages due to an outdated keyring before a

$ sudo pacman -Syu

Unfortunately, I did not read pacman's messages before hitting return, and thusly pacman also upgraded pacman and sudo
Since on this remote system, sudo is my only means of becoming root, I now have this issue:

$ sudo -s
sudo: /usr/lib/libc.so.6: version `GLIBC_2.34' not found (required by sudo)
sudo: /usr/lib/libc.so.6: version `GLIBC_2.34' not found (required by /usr/lib/sudo/libsudo_util.so.0)

I tried to inject a downloaded libc.so.6 via LD_LIBRARY_PATH to no avail.

$ LD_LIBRARY_PATH=. sudo -s
sudo: /usr/lib/libc.so.6: version `GLIBC_2.34' not found (required by sudo)
sudo: /usr/lib/libc.so.6: version `GLIBC_2.34' not found (required by /usr/lib/sudo/libsudo_util.so.0)

I suspect sudo does not support this for security reasons, so that nobody can inject a malicious library.
Is there any possiblilty to rescue the system or getting sudo to work again without being root (since sudo does not work)?

Last edited by schard (2022-03-26 15:53:36)

macro_rules! yolo { { $($tokens:tt)* } => { unsafe { $($tokens)* } }; }

Offline

#2 2022-03-26 11:00:58

GerBra
Forum Fellow
From: Bingen/Germany
Registered: 2007-05-10
Posts: 207

Re: [NOT POSSIBLE] Recover broken sudo on remote system

Schard, i answered you in the german bbs. Have a look.

Offline

#3 2022-03-26 11:24:28

Alad
Wiki Admin/IRC Op
From: Bagelstan
Registered: 2014-05-04
Posts: 2,412
Website

Re: [NOT POSSIBLE] Recover broken sudo on remote system

GerBra wrote:

Schard, i answered you in the german bbs. Have a look.

How is that useful to anyone reading the thread in this forum?

Is there any possiblilty to rescue the system or getting sudo to work again without being root (since sudo does not work)?

The usual procedure would be to use archiso, mount the old system to (say) /mnt, and use pacman --root /mnt -Syu.

Since on this remote system, sudo is my only means of becoming root, I now have this issue:

Not sure what's the point of this, but considering the obvious downsides, I'd consider unlocking your root account after fixing your system.

Mods are just community members who have the occasionally necessary option to move threads around and edit posts. -- Trilby

Offline

#4 2022-03-26 11:40:48

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: [NOT POSSIBLE] Recover broken sudo on remote system

Append systemd.unit=rescue.target to the kernel parameters when booting.

No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

#5 2022-03-26 11:47:42

schard
Forum Moderator
From: Hannover
Registered: 2016-05-06
Posts: 1,978
Website

Re: [NOT POSSIBLE] Recover broken sudo on remote system

Well, this is a remote system, which I can only access via SSH and OpenVPN.
I just wanted to investigate possibilities to not having to have the system be brought in.
Locking the root account was a configuration decision in favor of security.
But honestly, the questionable benefit is negligible compared to the headache when administering the systems.
So, yes, I will definitely change that.

macro_rules! yolo { { $($tokens:tt)* } => { unsafe { $($tokens)* } }; }

Offline

#6 2022-03-26 14:30:31

seth
Member
Registered: 2012-09-03
Posts: 51,056

Re: [NOT POSSIBLE] Recover broken sudo on remote system

Do you have polkit/pkexec available?

You'll need to shells.
Get the PID of the first "echo $$" and use it in the second, "pkttyagent --process $PID_HERE"
You should™ then (given you're in %wheel) be able to run "pkexec" in the first terminal, provide the password of your user in the second and get a rootshell in the first.
(The internal agent is broken and yells a nonsenical error)

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#7 2022-03-26 15:13:16

schard
Forum Moderator
From: Hannover
Registered: 2016-05-06
Posts: 1,978
Website

Re: [NOT POSSIBLE] Recover broken sudo on remote system

seth wrote:

Do you have polkit/pkexec available?

Unfortunately not. But I appreciate the idea. Wouldn't have thought of that.

macro_rules! yolo { { $($tokens:tt)* } => { unsafe { $($tokens)* } }; }

Offline

#8 2022-03-26 16:07:33

Alad
Wiki Admin/IRC Op
From: Bagelstan
Registered: 2014-05-04
Posts: 2,412
Website

Re: [NOT POSSIBLE] Recover broken sudo on remote system

Not possible? So there's no way to access the boot screen? At least when I had a VPS, I could login to the provider, and open a VNC window which gave me access to the boot loader.

Mods are just community members who have the occasionally necessary option to move threads around and edit posts. -- Trilby

Offline

#9 2022-03-26 16:16:36

schard
Forum Moderator
From: Hannover
Registered: 2016-05-06
Posts: 1,978
Website

Re: [NOT POSSIBLE] Recover broken sudo on remote system

My company is the provider and the system is not a VPS. It's a digital signage device.

macro_rules! yolo { { $($tokens:tt)* } => { unsafe { $($tokens)* } }; }

Offline

Pages: 1

Board footer

Powered by FluxBB