HPE Community
Operating System - HP-UX
1834752 Members
2954 Online
110070 Solutions
New Discussion

Re: sudo doesn't execute a binary which got dependancy on SHLIBs

 
SOLVED
Go to solution
kumasudh
Advisor

‎06-08-2008 09:40 PM

‎06-08-2008 09:40 PM

sudo doesn't execute a binary which got dependancy on SHLIBs

Hi,

I am facing issues while a executing a binary which has got the dependancy on the SHLIBs .

#chatr smsstatus
smsstatus:
shared executable
shared library dynamic path search:
SHLIB_PATH enabled first
embedded path disabled second Not Defined
shared library list:
dynamic /usr/lib/libpthread.1
dynamic /usr/lib/libntl.2
dynamic /usr/lib/libelf.2
dynamic ../../libs/OracleDM/SET_1/libwtc9.sl
dynamic ../../libs/OracleDM/SET_1/libclntsh.sl.9.0
dynamic /usr/lib/libstd.2
dynamic /usr/lib/libstream.2
dynamic /usr/lib/libCsup.2
dynamic /usr/lib/libm.2
dynamic /usr/lib/libcl.2
dynamic /usr/lib/libc.2
static /usr/lib/libdld.2
.....
So while executing this CLI with sudo
sudo smsstatus
/usr/lib/dld.sl: Can't open shared library: ../../libs/OracleDM/SET_1/libclntsh.sl.9.0
/usr/lib/dld.sl: No such file or directory
Abort(coredump)

Knowing the factor that for security reasons, sudo will exclude the env variables like LD_* ,SHLIB_PATH etc while executing the commands.

Could somebody help me to provide a way to have env variable SHLIB_PATH in the shell session where sudo executes "smsstatus" CLI.

Thanks and Regards
0 Kudos
Reply
5 REPLIES 5
Asif Sharif
Honored Contributor

‎06-08-2008 09:46 PM

‎06-08-2008 09:46 PM

Re: sudo doesn't execute a binary which got dependancy on SHLIBs

Hi kumasudh,

see the below thread.
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=10911

Regards,
Asif Sharif
Regards,
Asif Sharif
0 Kudos
Reply
Jeeshan
Honored Contributor

‎06-08-2008 09:49 PM

‎06-08-2008 09:49 PM

Re: sudo doesn't execute a binary which got dependancy on SHLIBs

Hi

SHLIB_PATH is an enviorenmental variable specially declared in oracle or any other users profile specially related to oracle's library usage.

sudo will execute the program with permission of that owner. suppose if smastatus program owner is xyz and if abc want to execute that, it will run like that

$abc>sudo -u xyz smsstatus

user abc will automatically load the environment of xyz.

if you don't want to do that, you just set the environement variable of SHLIB_PATH of abc user with proper permission.
a warrior never quits
0 Kudos
Reply
Mustafa Gulercan
Respected Contributor

‎06-08-2008 09:54 PM

‎06-08-2008 09:54 PM

Re: sudo doesn't execute a binary which got dependancy on SHLIBs

Hi ;
could you try to reinstall sudo from this link;
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1111

Hp tested it and it will propably work

regards,
mustafa
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

‎06-09-2008 03:13 AM

‎06-09-2008 03:13 AM

Solution

Re: sudo doesn't execute a binary which got dependancy on SHLIBs

Two possible solutions:

1.)
Don't make sudo execute the smsstatus binary directly: instead, have sudo execute a script which sets all the necessary environment variables to correct values and then executes the smsstatus binary.

2.)
"man sudoers" will tell you about env_keep option, which can be used to allow sudo to preserve some environment variables.

NOTE: allowing the LD_* or SHLIB_PATH variables to pass through sudo is a huge security risk, as a malicious person can use these variables together with sudo to run his/her malicious code with root privileges.

MK
MK
Reply
kumasudh
Advisor

‎06-09-2008 03:28 AM

‎06-09-2008 03:28 AM

Re: sudo doesn't execute a binary which got dependancy on SHLIBs

Hi Matti,

Thanks a lot for the suggestion. It really helped.

Regards
kumasudh
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.