AIX Open Source

 View Only
  • 1.  Unable to install sudo_ids

    Posted Wed May 11, 2022 12:21 PM
    On a fresh AIX 7.2 box i'm unable to install sudo_ids.

    Error: "Requires: libibmldap.a"

    I have installed idsldap ans confirmed it to be working.
    idslink was run by mksecldap and created the /usr/lib/libibmldap.a symlink.
    updtvpkg was run manually

    Problem is the Virtual RPM package(AIX-rpm-7.2.5.100-x.ppc)  does not reflect the existance of /usr/lib/libibmldap.a.
    Reason:

    updtvpkg uses "/usr/bin/lslpp -Ou -qfc" to query ODM for installed librarys.
    This of corse does not include /usr/lib/libibmldap.a as it was created by idslink/mksecldap and not installp.
    Both do not update ODM to refelct the existance of /usr/lib/libibmldap.a
    Outcome is that updtvpkg does not include /usr/lib/libibmldap.a as "provided" library.
    This fails sudo_ids to resolve installation conflict.

    Our hacky solution:

    Edit updtvpkg and hard code 'echo "Provides: libibmldap.a"' to solve this.
    # diff -u /usr/sbin/updtvpkg_orig /usr/sbin/updtvpkg
    --- /usr/sbin/updtvpkg_orig 2022-05-11 17:12:05.715682700 +0200
    +++ /usr/sbin/updtvpkg 2022-05-11 14:06:46.252938992 +0200
    @@ -43,6 +43,7 @@
    do
    echo "Provides: $shobj"
    done
    +echo "Provides: libibmldap.a"

    # Check for shells
    shells="sh bsh csh ksh tsh"
    This should be solved a more ellegant way.


    ------------------------------
    Henk Wiedig
    ------------------------------


  • 2.  RE: Unable to install sudo_ids

    Posted Wed May 11, 2022 12:27 PM
    Thank you Henk for reporting this and detailed analysis.
    We will look into it.

    ------------------------------
    SANKET RATHI
    ------------------------------



  • 3.  RE: Unable to install sudo_ids

    Posted Wed May 11, 2022 01:06 PM
    Edited by Ayappan P Wed May 11, 2022 01:06 PM
    I just verified in IBM ldap version 6.3 & 6.4, it ships the file as libibmldap.a only and updtvpkg has no problem pick it up. 

    /usr/bin/lslpp -Ou -qfc | grep libibmldap.a
    /usr/lib/objrepos:idsldap.clt32bit64.rte 6.4.0.24:/opt/IBM/ldap/V6.4/lib/libidsldap.a -> /opt/IBM/ldap/V6.4/lib/libibmldap.a
    /usr/lib/objrepos:idsldap.clt64bit64.rte 6.4.0.24:/opt/IBM/ldap/V6.4/lib64/libidsldap.a -> /opt/IBM/ldap/V6.4/lib64/libibmldap.a
    /usr/lib/objrepos:idsldap.clt_max_crypto32bit64.rte 6.4.0.24:/opt/IBM/ldap/V6.4/lib/libibmldap.a
    /usr/lib/objrepos:idsldap.clt_max_crypto64bit64.rte 6.4.0.24:/opt/IBM/ldap/V6.4/lib64/libibmldap.a

    # /usr/bin/lslpp -Ou -qfc | grep libibmldap.a
    /usr/lib/objrepos:idsldap.clt32bit63.rte 6.3.0.52:/opt/IBM/ldap/V6.3/lib/libidsldap.a -> /opt/IBM/ldap/V6.3/lib/libibmldap.a
    /usr/lib/objrepos:idsldap.clt64bit63.rte 6.3.0.52:/opt/IBM/ldap/V6.3/lib64/libidsldap.a -> /opt/IBM/ldap/V6.3/lib64/libibmldap.a
    /usr/lib/objrepos:idsldap.clt_max_crypto32bit63.rte 6.3.0.52:/opt/IBM/ldap/V6.3/lib/libibmldap.a
    /usr/lib/objrepos:idsldap.clt_max_crypto64bit63.rte 6.3.0.52:/opt/IBM/ldap/V6.3/lib64/libibmldap.a

    I don't think it has to be in /usr/lib/ for updtvpkg to pick it up. But for the functioning of sudo_ids, it has to be in /usr/lib.

    ------------------------------
    Ayappan P
    ------------------------------



  • 4.  RE: Unable to install sudo_ids

    Posted Wed May 11, 2022 04:09 PM
    Hi,
    you are right. Seems like i felt too deep into the rabbit hole.
    After IBM ldap installation a manual call to /usr/sbin/updtvpkg was enough to make sudo_ids to install.
    Maybe idslink/mksecldap could call /usr/sbin/updtvpkg themself.


    ------------------------------
    Henk Wiedig
    ------------------------------