Cannot sudo due to stupidity and forgot root password

bryan · October 5, 2022, 3:14pm

I had a problem and ended up on linux - curl: /usr/local/lib/libldap_r-2.4.so.2: no version information available - Stack Overflow, the solution of which I think I executed incorrectly and have now screwed myself.

I ran the command

sudo ln -fs /usr/lib/libldap_r-2.4.so.2 /lib64/

and now I cannot sudo.

[bryan@fedora ~]$ sudo
sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"
sudo: unable to load /usr/libexec/sudo/sudoers.so: libldap_r-2.4.so.2: cannot open shared object file: No such file or directory
sudo: fatal error, unable to load plugins

This is what my /lib64/ looks like with the symlink I created:

[bryan@fedora ~]$ ls -la /lib64/ | grep libldap
-rwxr-xr-x. 1 root root     15144 Aug 16 05:32 libldap-2.4.so.2
lrwxrwxrwx. 1 root root        16 Aug 16 05:32 libldap-2.4.so.2.0.200 -> libldap-2.4.so.2
lrwxrwxrwx. 1 root root        27 Oct  5 23:42 libldap_r-2.4.so.2 -> /usr/lib/libldap_r-2.4.so.2
lrwxrwxrwx. 1 root root        18 Aug 16 05:32 libldap_r-2.4.so.2.0.200 -> libldap_r-2.4.so.2
lrwxrwxrwx. 1 root root        18 Aug 16 05:32 libldap.so.2 -> libldap.so.2.0.200
-rwxr-xr-x. 1 root root    413832 Aug 16 05:32 libldap.so.2.0.200

When I try to remove the symlink, either by rm or unlink, I get permission denied:

[bryan@fedora lib64]$ unlink libldap_r-2.4.so.2
unlink: cannot unlink 'libldap_r-2.4.so.2': Permission denied

I’ve been researching and people have suggested su to log into root and then removing the symlink, except I really don’t remember ever setting a password for root and have no idea.

Please help!

alys · October 5, 2022, 4:01pm

Welcome to the world of being a sysadmin. One of the first things you’d learn on a Linux Cert test is resetting the root password. Here’s a howto as provided by RedHat:

bryan · October 5, 2022, 4:09pm

I’ve been busy—I’ve followed the tutorial at How to Reset the root Password :: Fedora Docs to and have now successfully reset my root password.

It turns out that my root account was locked and uninitialized (?) which is apparently default behaviour after Fedora 30, or 28, or something like that.

Now, I have the root account ready and I can su to log in.

However, I want to know if simply removing the symlink I created is safe, as there seems to have been many other symlinks and files in /lib64/ regarding libldap.

I’m wondering if my symlink could have overwritten something there, and removing the symlink will lead to more problems so I’m hesitant to just log into root and remove the symlink.

vekruse · October 5, 2022, 4:11pm

Removing the symlink would not have helped. When you get root access, you need to re-install the packages openldap-compat

What you did was to replace the real file /lib64/libldap_r-2.4.so.2 with a symbolic link posibly pointing to some none-existing file. Only a package re-install can fix that.

bryan · October 5, 2022, 4:15pm

I see! I’m glad I didn’t just go ahead and remove the symlink.

Just to confirm, would the process

su
Enter password to login to root
As root, dnf reinstall openldap-compat

be correct?

bryan · October 5, 2022, 4:30pm

I went ahead with the process above and it worked like a charm.
Thanks Alys and Villy for the help.

ilikelinux · October 6, 2022, 11:49am

With the Workstation image this is default yes. Root is there but has not set a password yet.
sudo passwd root should make your root account ready to use.

bryan · October 7, 2022, 1:11pm

Yes, I am aware sudo passwd root allows for root password change.
However, my issue was that sudo was broken, so running sudo passwd root was not an option for me.
I had to follow How to Reset the root Password :: Fedora Docs as a result as aforementioned.