fixing the Sudo screw up

Make sure

For showing up GRUB menu while boot, hold SHIFT key while booting.
For entering in recovery mode and change any thing as root: change

during boot (usually BIOS shows hot keys), hold down shift to pop up grub menu
2. move cursor to linux recovery boot, press 'e' to enter edit mode
3. the linux line already shows 'ro single', change it to 'rw single init=/bin/bash'
4, press ctrl-x to boot the system into '#'

the linux line already shows 'ro', change it to 'rw'

http://ubuntuforums.org/showthread.php?t=1698182

http://www.psychocats.net/ubuntu/fixsudo
http://www.psychocats.net/ubuntu/resetpassword


In case above links doesnt work:

sudoers recovery, recovery mode cannot get # Ubuntu 8.04 I guess, I shall use visudo but I use gedit and made a syntax error. no other a/c, and I'm not sure whether root passwd. after that sudo su not work. use shift to get to recovery mode and drop to # prompt, yet it still ask me root passwd that may be never set or I forgot. anyway I can recover it? thanks I know such is a old topic, sb said add single user mode, I tried to add "single" then ctrl-x yet it still asks for passwd. {update} I get it work, it seems ubuntu changed usage each version, so we do know developers are improving ubuntu. 1. during boot (usually BIOS shows hot keys), hold down shift to pop up grub menu 2. move cursor to linux recovery boot, press 'e' to enter edit mode 3. the linux line already shows 'ro single', change it to 'rw single init=/bin/bash' 4, press ctrl-x to boot the system into '#' 5. cd /etc and you can modify say visudo, adduser, passwd, what's my fault? I want to add "NOPASSWD:" in sudo line yet I added ":NOPASSWD" that blocks whole sudo. Linux is not smart, cannot remove wrong syntax auto. Last edited by lastguy; March 1st, 2011 at 11:36 PM..

Fix Broken Sudo

How does sudo work?
Cause and symptoms
Booting into recovery mode
Do the actual repair

How does sudo work?

The way that Ubuntu has implemented sudo, the /etc/sudoers file says that users in the admin group can (after a password authentication) temporarily escalate to system-wide privileges for particular tasks. And then the /etc/groups file says which users are in the admin group. You can read more on the community documentation about Ubuntu's implementation of sudo.

Cause and symptoms

sudo breaks when one or more of the following occurs:

• the /etc/sudoers file has been altered to no longer allow users in the admin group to escalate privilege
• the permissions on the /etc/sudoers file are changed to something other than 0440
• a user who should not have been has been taken out of the admin group

If sudo is broken this way, you may notice an error saying you're not in the sudoers file and the incident is going to be reported. Or you may just see the next command prompt without any action being executed.

Booting into recovery mode

Since fixing sudo involves editing system files, and you would otherwise need sudo to do so, you'll have to boot into recovery mode to gain root (system-wide) access in order to repair sudo. If you have a single-boot (Ubuntu is the only operating system on your computer), to get the boot menu to show, you have to hold down the Shift key during bootup.
If you have a dual-boot (Ubuntu is installed next to Windows, another Linux operating system, or Mac OS X; and you choose at boot time which operating system to boot into), the boot menu should appear without the need to hold down the Shift key.

From the boot menu, select recovery mode, which is usually the second boot option.

After you select recovery mode and wait for all the boot-up processes to finish, you'll be presented with a few options. In this case, you want the Drop to root shell prompt option so press the Down arrow to get to that option, and then press Enter to select it.
The root account is the ultimate administrator and can do anything to the Ubuntu installation (including erase it), so please be careful with what commands you enter in the root terminal.

Do the actual repair

Case 1: If you'd removed your last admin user from the admin group, then type

adduser username admin

where username is your actual username. Case 2: If you had previously edited the /etc/sudoers file and screwed it up, then type

sudo cp /etc/sudoers /etc/sudoers.backup
sudo nano /etc/sudoers

(the proper command is actually sudo visudo, which checks syntax before you save the /etc/sudoers file, but in some older versions of Ubuntu, that command uses the vi editor, which can be confusing to new users, as opposed to nano, which is more straightforward) and make it sure it looks like this:

# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
# Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
# Allow members of group sudo to execute any command after they have
# provided their password
# (Note that later entries override this, so you might need to move
# it further down)
%sudo ALL=(ALL) ALL
#
#includedir /etc/sudoers.d
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

When you're done making changes, press Control-X, Y, Enter. Case 3: If you are trying to fix the error where it says sudo is mode _____, should be 0440, then you'll want to type

chmod 0440 /etc/sudoers

When you're done with whatever commands you needed to enter, type

exit

This will bring you back to the recovery menu.
Choose to resume a normal boot. Then you should be able to sudo again.
Last updated 04/30/11 01:08