> sudo: unable to stat /usr/local/etc/sudoers: No such file or directory
> sudo: no valid sudoers sources found, quitting
This means the main configuration file of sudo does not exist. You should create it.
> sudo: unable to initialize policy plugin
This is apparently related to new features of sudo, maybe to LDAP-based sudo configuration? Anyway, the "policy plugin" should not be necessary for basic sudo functionality.
By the way, the use of "sudo su -" is an obsolete way to become root through sudo. "sudo -i" achieves exactly the same thing, without chaining through the "su" command.
(Old versions of sudo did not have the -i option, so "sudo su -" was used: it means "run command 'su -' as root". The "su -" part rebuilds the environment so that the session would get exactly the same environment as when logging in as root. As a side effect, sudo outputs one log message about this transition, and "su -" causes another log message, telling that root became root through sudo. In a busy system with multiple admins, this may make it harder to track who did what. In my opinion, "sudo -i" is a better way.)
To allow user "chetan" to use "sudo -i" to become root, your /usr/local/bin/sudo should contain this rule:
chetan ALL=(root) /sbin/sh
If you want to allow the obsolete "sudo su -", you could use this rule instead:
chetan ALL=(root) /usr/bin/su -
If you want to allow running any commands as any user through sudo (thus allowing each command that is run as root to be logged), you could use this rule:
chetan ALL=(ALL) ALL
This rule would allow doing things like:
$ whoami
chetan
$ sudo vi /etc/rc.config.d/netconf
<edit /etc/rc.config.d/netconf as root>
$ whoami
chetan
$ sudo -u oracle lsnrctl start
<run "lsnrctl start" as user "oracle">
(In some high-security environments, it is mandatory to use sudo like this, instead of running a shell as root.)
MK
