OpenWrt 普通用户无法使用 sudo 提权,报错 Error relocating /usr/lib/sudo/libsudo_util.so.0: reallocarray: symbol not found 的解决办法

使用普通用户登录,执行 sudo mkdir test 报错,错误信息如下

$ sudo mkdir test
Error relocating /usr/lib/sudo/libsudo_util.so.0: reallocarray: symbol not found
Error relocating /usr/bin/sudo: reallocarray: symbol not found

经过一番搜寻,只找到了这个帖子 [openwrt(x86)] 请教一下关于openwrt安装xteve遇到不让用root用户运行的问题 ,但这个帖子并没有解决办法(你现在看到的此帖中的解决办法就是我给出的)

在 superuser.com superuser.forumming.com askubuntu.com 等等网站上也找到了一些信息,但是和 OpenWrt 相关性不大,并不能解决我的问题。

在 pkgs.org 搜到了下面这个包 https://openwrt.pkgs.org/19.07/openwrt-packages-x86_64/sudo_1.8.28p1-2_x86_64.ipk.html 经过一番版本比对,我决定安装这个试试。

我现在使用的 opkg 源是中科大 ustc 的,其版本号比这个要高。

下面是我的解决办法。

1. 移除旧版本 sudo

首先将 /etc/sudoers 文件恢复原样,删除 root ALL=(ALL:ALL) ALL 下面的一行 dk ALL=(ALL:ALL) ALL,之所以删除是因为有修改直接删除会报错(我记得是这样,如果你直接 remove 不报错那就没关系这一步是多余的)

查看当前版本的 sudo 程序信息

# opkg info sudo
Package: sudo
Version: 1.8.28p1-1
Depends: libc
Status: unknown ok not-installed
Section: admin
Architecture: x86_64
Size: 309411
Filename: sudo_1.8.28p1-1_x86_64.ipk
Description: Sudo (su "do") allows a system administrator to delegate authority to
give certain users (or groups of users) the ability to run some (or
all) commands as root or another user while providing an audit trail of
the commands and their arguments.

Package: sudo
Version: 1.9.9-1
Depends: libc
Status: install user installed
Section: admin
Architecture: x86_64
Size: 447454
Filename: sudo_1.9.9-1_x86_64.ipk
Conffiles:
/etc/sudoers f9a9eb21cc7cccec67bfe982b1268dacea831946ad64863921029212e588f9c8
Description: Sudo (su "do") allows a system administrator to delegate authority to
give certain users (or groups of users) the ability to run some (or
all) commands as root or another user while providing an audit trail of
the commands and their arguments.
Installed-Time: 1647132149

以上时间戳 1647132149 转换后时间是 2022-03-13 08:42:29 是我今天早上通过 opkg remove sudo && opkg install sudo 重新安装的

然后执行 opkg remove sudo 正常卸载。

2. 下载 sudo_1.8.28p1-2_x86_64.ipk 并安装

# wget https://downloads.openwrt.org/releases/packages-19.07/x86_64/packages/sudo_1.8.28p1-2_x86_64.ipk
# opkg install sudo_1.8.28p1-2_x86_64.ipk

3. 编辑 /etc/sudoers 文件

临时授予写权限,文件编辑好之后删除写权限

# chmod u+w /etc/sudoers

然后在 root ALL=(ALL) ALL 下新增 dk ALL=(ALL) ALL,再执行 chmod u-w /etc/sudoers 删除写权限。

再次测试普通用户已经可以通过 sudo 获得临时提权了。sudo mkdir test 执行成功。

$ sudo mkdir test

记录一下新安装的 sudo 程序的信息

# opkg info sudo
Package: sudo
Version: 1.8.28p1-1
Depends: libc
Status: unknown ok not-installed
Section: admin
Architecture: x86_64
Size: 309411
Filename: sudo_1.8.28p1-1_x86_64.ipk
Description: Sudo (su "do") allows a system administrator to delegate authority to
 give certain users (or groups of users) the ability to run some (or
 all) commands as root or another user while providing an audit trail of
 the commands and their arguments.

Package: sudo
Version: 1.9.9-1
Depends: libc
Status: unknown ok not-installed
Section: admin
Architecture: x86_64
Size: 447454
Filename: sudo_1.9.9-1_x86_64.ipk
Description: Sudo (su "do") allows a system administrator to delegate authority to
 give certain users (or groups of users) the ability to run some (or
 all) commands as root or another user while providing an audit trail of
 the commands and their arguments.

Package: sudo
Version: 1.8.28p1-2
Depends: libc
Status: install user installed
Architecture: x86_64
Conffiles:
 /etc/sudoers 67797f145f3429db6e72b4f1b20a13abd0a5c152557a16eff697d05d6a16795e
Installed-Time: 1647168483

这个时间戳 1647168483 转换后时间是 2022-03-13 18:48:03

4. 其他补充信息

当前 openwrt 发行版本信息

$ cat /etc/openwrt_release 
DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='SNAPSHOT'
DISTRIB_TARGET='x86/64'
DISTRIB_ARCH='x86_64'
DISTRIB_TAINTS='no-all override'
DISTRIB_REVISION='R20.3.19 / Mask Ver.D200401'
DISTRIB_DESCRIPTION='OpenWrt '

一开始安装的 sudo 程序的 /etc/sudoers 文件的 root 提权部分是这样的

##
## User privilege specification
##
root ALL=(ALL:ALL) ALL
dk ALL=(ALL:ALL) ALL

后安装的 sudo 程序(是我目前正常工作的 sudo 程序)的 /etc/sudoers 文件 root 提权部分是这样的。这两个有什么区别呢?感兴趣可以 google 搜索一下(实际上我也不知道,我也要学习一下)

##
## User privilege specification
##
root ALL=(ALL) ALL
dk ALL=(ALL) ALL

特此记录。有问题欢迎友好讨论。

@google
A coder, like writing and sharing.
加入
更多来自 google