Friday, January 25, 2008

sudo: /etc/sudoers is owned by

Right about now you're probably looking at something similar to this.
sudo: /etc/sudoers is owned by gid 1000, should be 0

Maybe you accidentally ran chown or chmod recursively and the /etc directory was affected. Maybe you did the same thing I did & chowned /etc/sudoers to root:mygroup instead of root:root like it's supposed to be.

In any event you're looking at a message like the one above and you can't use sudo anymore. This is because the sudo application wants things exactly right or it assumes there's been a compromise.
The file /etc/sudoers should be owned by root:root and should not be readable by anyone other than root.

Unless for some reason you allow remote root logins, you will need to physically have the server in front of you to fix this issue. If you don't have a monitor hooked up to the system, you'd better find a monitor to hook up now.

If you have the root password, login as root & chown the file to root:root.
root@box:~$ chown root:root /etc/sudoers

Then chmod the /etc/sudoers to 0440.
root@box:~$ chmod 0440 /etc/sudoers

If you, like I, never set a root password, you'll need to reboot the system, press ESC during boot, & select the recovery mode from the boot options. That will give you a terminal logged in as root you can use to run the chown and chmod commands.

Once the proper ownership & permissions are set on that file you can restart the system as usual & sudo should be up and running again.
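
To confirm the file is back in the state described above (root:root, mode 0440), the following added example, which is not part of the original post, compares a file's owner, group and mode against expected values and reports each mismatch. It assumes GNU stat (`stat -c`); the function name `audit_sudoers` and its optional override arguments are made up for this example.

```shell
#!/bin/sh
# Added example: report ownership/mode problems on a sudoers file.
# Assumes GNU stat (stat -c), as found on Linux systems.

# audit_sudoers FILE [UID] [GID] [MODE]   (hypothetical helper)
# Defaults are the values from the post: uid 0, gid 0, mode 0440.
# Returns 0 if all three match, 1 on any mismatch, 2 if FILE cannot be stat'ed.
audit_sudoers() {
    file=$1
    want_uid=${2:-0}
    want_gid=${3:-0}
    want_mode=${4:-0440}
    want_mode=${want_mode#0}      # stat prints the mode without a leading 0
    rc=0

    # %u = owner uid, %g = group gid, %a = permission bits in octal
    info=$(stat -c '%u %g %a' -- "$file" 2>/dev/null) || {
        echo "cannot stat $file" >&2
        return 2
    }
    set -- $info                  # split "uid gid mode" into $1 $2 $3
    uid=$1 gid=$2 mode=$3

    if [ "$uid" != "$want_uid" ]; then
        echo "$file is owned by uid $uid, should be $want_uid"
        rc=1
    fi
    if [ "$gid" != "$want_gid" ]; then
        echo "$file is owned by gid $gid, should be $want_gid"
        rc=1
    fi
    if [ "$mode" != "$want_mode" ]; then
        echo "$file is mode 0$mode, should be 0$want_mode"
        rc=1
    fi

    if [ "$rc" -ne 0 ]; then
        # Same two commands as in the post, filled in with the expected values.
        echo "fix (as root): chown $want_uid:$want_gid $file; chmod 0$want_mode $file"
    fi
    return $rc
}
```

Calling `audit_sudoers /etc/sudoers` with no extra arguments checks against the defaults; stat only needs search permission on /etc, so it can be run as a normal user.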


Keiji said...

Wow, thank you so much for writing this... it was a lifesaver :D

Since cp leaves the permissions of the destination file alone when overwriting, I figured mv would do the same - big mistake!

Anonymous said...

I too echo the previous comment. I had an identical problem. What worries me though is the ease with which one can gain root privileges by booting into recovery mode!!

Anonymous said...

Thank you, thank you. It works with VMware with RHEL4 as a guest on windoze. I entered
chown -R xxx:xxx /*
without thinking (obviously). I swear sometimes my inner drunk chick takes over the keyboard.

Anonymous said...

Thank you so so so so much, you just saved my ability to use root. I think I recursively changed all permissions in /etc to my normal user profile. Hadn't thought of root:root.
Thank you again!!