SDRausty/termux-archlinux

Sudo is non functional

Lite5h4dow opened this issue · 39 comments

I've installed sudo in tumux arch I don't know if this is an issue with sudo or termux-arch but sudo doesn't work, this is a big issue for alot of the dependancies especially for package managers like pacman and yaourt.

@Lite5h4dow thank you for your interest in this project. What is happening is probably an selinux issue since the entire application runs in userspace.

this is a big issue for alot of the dependancies especially for package managers like pacman and yaourt.

Can su resolve this since su works fine? Are you familiar with these upstream IRC https://wiki.archlinux.org/index.php/IRC_channel links that should be useful for asking this question upstream.

Yeah, I have the same problem

$ sudo
sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"
sudo: unable to load /usr/lib/sudo/sudoers.so: /usr/lib/sudo/sudoers.so: cannot stat shared object: Bad file descriptor
sudo: fatal error, unable to load plugins
$ file /usr/lib/sudo/sudoers.so
/usr/lib/sudo/sudoers.so: ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=fdd8877dfa30f38871fd5735638d346a4553b1b7, stripped
$

I think it's due to android/ndk#201

Edit 1: After digging deeper, /etc/sudo.conf is missing...

Edit 2: According to https://www.sudo.ws/man/1.8.14/sudo.conf.man.html, /etc/sudo.conf doesn't have to be present. If it doesn't exist, it will default to:

Plugin sudoers_policy sudoers.so
Plugin sudoers_io sudoers.so

Edit 3: sudo in termux-ubuntu is functional... perhaps the arch distro is broken...

This topic is touched upon at ArchStrike/ArchStrike#411: closed (relavant comments in closed issues are welcome anytime)

[14:07 home ]$ sudo
sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"
sudo: unable to load /usr/lib/sudo/sudoers.so: /usr/lib/sudo/sudoers.so: cannot stat shared object: Bad file descriptor
sudo: fatal error, unable to load plugins

Where else is sudo upstream? One place has been touched; Where else?

archlinuxarm just swallowed an issue posted similar to the ArchStrike post. Surprising experience of the #$@& sort:

https://github.com/archlinuxarm

  1. archlinuxarm has open issue board with zero issues
  2. posted at https://github.com/archlinuxarm/archlinuxarm-keyring/issues/1
  3. swallowed into 404
  4. no issue posted at issues board

@aiisuika do you have a link?

termux-ubuntu is functional... perhaps the arch distro is broken...

The reason Arch Linux was chosen fall 2017 for further development into this project is that Arch Linux passed the most tests in flying colors. Some things don't work, and will not work because of SE Linux permissions. From what you say, this is not the issue. Do you have any idea what is wrong with sudo in Arch Linux in Termux PRoot? Thank you for your comments; They are helpful.

Yup, Neo-Oli's https://github.com/Neo-Oli/termux-ubuntu

In the proot I did the usual apt update && apt upgrade.
Setup locales to stop perl from crying, apt install locales then follow https://askubuntu.com/a/89983
However, remove sudo from the commands in that answer, sudo doesn't work at this point, and you're already root.
Setup a root password.

$ passwd
Type new UNIX password: ***
Retype new UNIX password: ***

Once done, finally install sudo, apt install sudo.
Now setup a non-root user.

$ useradd aiisuika
...
# now login
$ su aiisuika
aiisuika@localhost $ sudo apt install example
# it should ask for the root password
$ 

And that's it, seems to work for me.

@aiisuika it is nice that sudo works in Termux PRoot. Functions setlocaleconf () and setlocalegen () setup locale in Arch Linux in Termux PRoot. Changing the password for root has no effect on sudo's behavior. I have looked at the steps that you outlined. Thanks for updating that this works in Termux PRoot.

@aiisuika you inspired me to install Ubuntu in Termux PRoot again in search of an answer to this topic. Unfortunately, I cannot get past step one:

root@localhost:~# passwd
Enter new UNIX password:
Retype new UNIX password:
passwd: System error
passwd: password unchanged

On my rooted phone, it worked flawlessly...
I'll see if theres a non-root workaround.

Ok, there seems to be nothing..
Last option is to create a new type of proot.

This https://github.com/termux/libandroid-shmem project might give us the shm functionality we are seeking in this issue, and these:

  1. SDRausty/TermuxArch#38
  2. SDRausty/TermuxArch#59 (comment)
  3. SDRausty/TermuxArch#68

OMG,I have the same problem as mentioned above,and I try to change the permission of /usr/lib/sudo/sudoers.so but nothing changed.

I think proot isn't handling sonething, so selinux is saying no.

I'd also love to see sudo working again in TermuxArch. Any progress so far?

Any progress so far?

Check for progress in issues like this termux/libandroid-shmem#4 one throughout this thread even though they are marked closed. Asking at IRC: wiki.archlinux.org/index.php/IRC_channel might help resolve this topic sooner.

#4 (comment) : Is this a https://github.com/termux/libandroid-shmem issue with sudo and similar?

I'm referring to that problem when using sudo within TermuxArch:

[14:07 home ]$ sudo sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy" sudo: unable to load /usr/lib/sudo/sudoers.so: /usr/lib/sudo/sudoers.so: cannot stat shared object: Bad file descriptor sudo: fatal error, unable to load plugins

Unfortunately, I'm not that into Android development that I can judge if it's because of issues in libandroid-shmem. If you need further help or assistance, please don't hesitate to ask.

can u force to install 32 bit of archlinux inside termux that had arm64-v8a??

yo,
I bumped into this same issue with sudo following my first steps in termux-archlinux.

Could this be related to systemd by any chance? I noticed sudo is now handled by systemd which is not enabled in chroot env apparently. I did not have much time to research on this lately though.

Anyone familiar with this?

can u force to install 32 bit of archlinux inside

@Dj-jom2x yes, with qemu and similar:

bash-4.4$ startarch c pacman -Ss qemu
extra/qemu 2.12.0-2
    A generic and open source machine emulator and virtualizer
extra/qemu-arch-extra 2.12.0-2
    QEMU for foreign architectures
extra/qemu-block-gluster 2.12.0-2
    QEMU GlusterFS block module
extra/qemu-block-iscsi 2.12.0-2
    QEMU iSCSI block module
extra/qemu-block-rbd 2.12.0-2
    QEMU RBD block module
extra/qemu-guest-agent 2.12.0-2
    QEMU Guest Agent
extra/qemu-headless 2.12.0-2
    QEMU without GUI
extra/qemu-headless-arch-extra 2.12.0-2
    QEMU without GUI, for foreign architectures
extra/vde2 2.3.2-10
    Virtual Distributed Ethernet for emulators like qemu
community/libvirt 4.5.0-1
    API for controlling virtualization engines
    (openvz,kvm,qemu,virtualbox,xen,etc)
community/python-unicorn 1.0.1-4
    Lightweight, multi-platform, multi-architecture CPU emulator framework
    based on QEMU
community/python2-unicorn 1.0.1-4
    Lightweight, multi-platform, multi-architecture CPU emulator framework
    based on QEMU
community/ruby-unicorn-engine 1.0.1-4
    Lightweight, multi-platform, multi-architecture CPU emulator framework
    based on QEMU
community/unicorn 1.0.1-4
    Lightweight, multi-platform, multi-architecture CPU emulator framework
    based on QEMU
bash-4.4$

Anyone familiar with this?

@sergensetup an information update regarding this matter is termux/proot#32 (comment) here.

Could this be related to systemd by any chance?

The Arch Linux systemd package is not purged at install at present. It appears to be a redundant package, since systemd is already present on device in Android. However, Arch Linux emacs seems to need it for some reason, so it is left intact at setup.

Feel free to contact https://github.com/termux/proot/issues with your insight; the more people pondering this issue, the better. Hopefully a resolution is forthcoming soon.

Accessing libandroid-shmem support is now possibly in TermuxArch, use setupTermuxArch.sh r for quick system refresh; libandroid-shmem support is added with this SDRausty/TermuxArch@a250672 commit. The current version of TermuxArch also sets locales from Android on the fly for Arch Linux in Termux PRoot to be in the language you wish.

Sudo is now working for me. Thanks to @markfelt and his modified makepkg from #38, I was able to install nosudo from the AUR. According to the AUR description, it's "a small bash script that fakes sudo using su", similar (I think) to how the modified makepkg works.

It appears that we have just had a break through with this topic moments ago, https://gitter.im/termux/offtopic?at=5b9ec49ce5c2cc56ad9c6814 here.

https://github.com/xeffyr stated:

I got sudo working with:
$ proot -r ./arch --cwd=/ -0 '/bin/sudo' /bin/ls
Probably, you messed with something when setting up proot.
Example of switching id with sudo:
$ proot -r ./arch --cwd=/ -0 /bin/sudo -u alarm /bin/id
uid=1000(alarm) gid=1000(alarm

Variable substitution in TermuxArch resolves sudo. Variable assignment PROOTSTMNTU="${PROOTSTMNT//--link2symlink }" drops --link2symlink from the user login proot statement. The option is necessary for root user to function properly. This change modifies the proot statement for user login with this SDRausty/TermuxArch@a0db0f1 commit.

$ startarch l user
[user11:30~]$ sudo whoami

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for root:
root
[user11:30~]$ whoami
user

startarch c addauser user creates a user account. As Arch Linux in Termux PRoot root user, use visudo to grant user permission to use sudo.

resolves sudo.

This is not the case should a sudo command wish to create hard links on device. Use another session, and fulfill the sudo requirements as root in Arch Linux in Termux PRoot if you encounter errors using sudo. User accounts have the link2symlink option turned off. This enables sudo to run as expected. When sudo assumes root privileges, sudo cannot migrate hard to soft links. Hence packages installed by sudo that contain hard links do not install correctly. Use a new session, and reinstall to correct any errors.

If I create a new user for arch linux in Termux Proot with

$ startarch c addauser 'my username'

it doesn't let me fill in a password for that user.

After installing sudo and starting TermuxArch with

$ startarch l 'my username'

And typing

[user11:30~]$ sudo whoami

I get the following:

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for 'my username':

Problem is, I don't have a password for the use. How do I counter this?

@Tuff6ong this is invitatio to create new password. Create it and disable sudo password with sudoers if you want

@Tuff6ong this is invitatio to create new password. Create it and disable sudo password with sudoers if you want

Well, if I try to fill in a new password during this invitation I get: 'Sorry, try again'

Should work. Try to copy-paste password (don't forget about ctrl+alt+v to paste from keyboard)

@SDRausty I can't say that I fully follow your instructions to make sudo work.

Variable substitution in TermuxArch resolves sudo. Variable assignment PROOTSTMNTU="${PROOTSTMNT//--link2symlink }" drops --link2symlink from the user login proot statement. The option is necessary for root user to function properly. This change modifies the proot statement for user login with this SDRausty/TermuxArch@a0db0f1 commit.

Okay so, do I need to put PROOTSTMNT somewhere? Where? And why mention that commit? Has this supposedly been fixed since?

startarch c addauser user creates a user account. As Arch Linux in Termux PRoot root user, use visudo to grant user permission to use sudo.

I did both, but I'm still getting the error earlier in the thread

...
sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"
sudo: /usr/lib/sudo/sudoers.so: Bad address

Now, maybe I didn't add the right stuff to /etc/sudoers with visudo. FYI, I used the redhat guide on sudo. Is the content of this guide what you have in mind when you say that visudo needs to be used in order to have acces to the sudo command?

I've also seen you mention libandriod-shmem a bunch of times when people ask how to make sudo work, is it needed for something? Should we install it from a regular Termux session with apt? Is it needed at all?

I have a non-rooted phone, if that is helpful. Installed TermuxArch with the official script, newest version on github.

@SDRausty Are you implying that this is currently already fixed by that commit? But I'm still encountering exactly the same problem just now with a fresh install of TermuxArch.

I noticed that in another issue report (SDRausty/TermuxArch#180) You linked to this issue report on Termux Proot without actually commenting anything: termux/proot#70

Are you suggesting that this fundamentally a problem caused by Termux Proot and there's nothing can be done on the side of TermuxArch?

[user04:20~]$ sudo
proot warning: ptrace(PEEKDATA): I/O error
sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"
sudo: /usr/lib/sudo/sudoers.so: Bad address
sudo: fatal error, unable to load plugins

Is a newly arisen sudo error.

currently already fixed by

The original sudo error in this issue was fixed on 20190906 with SDRausty/TermuxArch@a0db0f1

These PRoot issues might be able to resolve this new error. As there are a number of newly arisen errors with a fresh TermuxArch in a fresh Termux v0.74 installation:

Might also be appropriate links to seek resolution.

This appear to be fixed by a new update to termux-proot package! :D

This TermuxArch/TermuxArch@161eaba commit automates adding sudo users:

printf "%s\\n" "\$1 ALL=(ALL) ALL" >> /etc/sudoers
sed -i "s/\$1:x/\$1:/g" /etc/passwd