13

I was editing my /etc/sudoers file and saved it but it has a syntax error in there. Now I can't sudo vim /etc/sudoers because sudo thinks the sudoers file is not valid.

How can I fix this?

7ochem
  • 280
  • 1
  • 3
  • 12
fred basset
  • 665
  • 2
  • 7
  • 14

5 Answers5

21

You should never edit your sudoers file directly. Use visudo - it will protect you from these syntax errors in the future.

To recover from this situation, either boot into single-user mode and edit the file or boot off of a livecd and do the same.

EEAA
  • 109,363
  • 18
  • 175
  • 245
  • Thanks, I was wondering what visudo did differently. I need to work out now how to boot into single user mode. My Ubuntu is running under Virtualbox. – fred basset Nov 27 '10 at 22:43
  • 1
    visudo causes you to edit a copy of the sudoers file. It will only replace the sudoers file if it validates when you save it. It will use the editor specified by your EDITOR variable, so you can use your prefered editor. It can also be used in check mode if you edited the file and want to be sure it is still valid. – BillThor Nov 28 '10 at 00:13
7

Boot the system into single mode and then edit it.

Ignacio Vazquez-Abrams
  • 45,939
  • 6
  • 79
  • 84
7

If you have Docker installed and your user is a member of the docker group you can easily get yourself out of this pickle (and some others) without rebooting or what-have-you:

  1. $ docker run -it --rm -v '/etc/:/root/host.etc/' debian bash
  2. apt-get update && apt-get install [vim|nano|whatever]
  3. cd ~/host.etc/
  4. Repair the problem files
  5. exit
Adrian Günter
  • 181
  • 1
  • 4
  • Docker? Have you seen Docker anywhere in the original question? – Deer Hunter Jul 22 '15 at 07:24
  • 4
    As the question doesn't specify *anything* about the asker's environment and it is now 2015, meaning quite a few people have Docker installed, I understand neither your attitude toward me nor your contempt for my contribution. It is not at all unfathomable that someone else in this situation would have software installed that, as of today, has been starred by 23.5k people on GitHub. If `pkexec` is also for some reason unavailable then this provides an alternate method, without rebooting, that is almost as quick and simple. – Adrian Günter Jul 23 '15 at 21:17
  • 3
    This actually worked for me! Saved me a 45min drive into the office. It did not allow me to edit /etc/sudoers, but did allow me to delete a bad file in /etc/sudoers.d that was causing it issue. – Rusty Sep 04 '20 at 03:44
  • 1
    For clarification: pkexec did not work; I kept getting auth errors. But this docker hack did work. Now that I think about it (next day), I didn't think to chmod /etc/sudoers, to make it writable first. Maybe that was why I couldn't edit /etc/sudoers. – Rusty Sep 04 '20 at 14:28
  • 1
    Thanks a lot, it saved my day (night, actually)! – Denis Arnaud Mar 10 '21 at 00:40
2

As noted in this similar question on askubuntu, this may well work without having to reboot into single-user mode:

pkexec visudo
Community
  • 1
Tom
  • 2,652
  • 1
  • 20
  • 12
1

By the way, if you have the root password, just login with it and set it back the way it was.

chmod 0440 /etc/sudoers

This will avoid you from booting into single-user mode or worst, booting from a livecd.

In my case I couldn't afford to bring the server down.

Lucas Kauffman
  • 16,880
  • 9
  • 58
  • 93
yaxzone
  • 11
  • 1