10

Possible Duplicate:
Ubuntu : borked my sudoers file, how can I fix it?

Problem description:

I have broken my /etc/sudoers file by making a typo in it. Now I can no longer use any sudo commands as the below error is thrown. Therefore I can't fix my sudoers file and am effectively stuck.

$ sudo nano /etc/sudoers
>>> /etc/sudoers: syntax error near line 39 <<<
sudo: parse error in /etc/sudoers near line 39
sudo: no valid sudoers sources found, quitting

I found few solutions saying I should boot into recovery mode (like the one below) which I would obviously like to avoid.
Ubuntu : borked my sudoers file, how can I fix it?

Questions:

-Are there any other ways to fix it without restarting ubuntu?
-If it is so easy to lock yourself out of sudo when modifying the sudoers file (everybody can do a typo), why isn't the sudoers config read from memory instead of the file directly? There would be a command (e.g. sudo-load) that would make sure the syntax is OK before loading the config into memory thus avoid this sort of problems.

Solutions:
There seems to be 2 ways of recovering it:
-if you have the root password you can simply issue a 'su' and then edit the file
-if you don't have the root password you need to restart into single user mode

Community
  • 1
Max
  • 3,523
  • 16
  • 53
  • 71
  • 3
    [This answer](http://serverfault.com/questions/206610/ubuntu-borked-my-sudoers-file-how-can-i-fix-it/206612#206612) on the question you linked to tells you all you need to know. Even the /etc/sudoers file itself has a comment warning you to always use `visudo` to edit it. – ThatGraemeGuy Mar 24 '11 at 08:45
  • this is why i now always set a root password immediately after install. Got burnt the same way myself, on a remote machine I had no access to. – Sirex Mar 24 '11 at 10:04
  • Using `pkexec $EDITOR` is even better, see http://askubuntu.com/questions/73864/how-to-modify-a-invalid-etc-sudoers-file-it-throws-out-an-error-and-not-allowi – NeilenMarais Nov 25 '15 at 09:43

1 Answers1

13

Nope, you have to reboot, or log in as root if you allow root logins.

This is the reason you should always use visudo when you modify the sudoers file. visudo will check the syntax of the sudo file before saving it, protecting you from this specific problem (but not from writing a sudoers file that disallows you from running sudo!)

Note that sudoers is normally setup to not be writable even by root on Ubuntu:

-r--r----- 1 root root 556 2010-04-18 15:05 sudoers

So you must have changed the access rights on sudoers to modify it with nano. There is a very good reason files are setup like this. If you come across a file that is not writable by root you should think one, two and three times before you change access rights and start editing it.

pehrs
  • 8,789
  • 1
  • 30
  • 46
  • My sudoers file has the same permissions (-r--r-----) but still I can edit it when doing sudo nano. I will used visudo from now on. Also another way to fix it if you have the root password is to simply do 'su' then edit the file. – Max Mar 24 '11 at 09:07
  • @user64204 Interesting... My standard editor (emacs) prevents me from editing the file, while vi makes it very clear it is non-writable but lets me bypass. Another reason to ditch nano ;) – pehrs Mar 24 '11 at 10:08
  • +1 for visudo. Also, see http://askubuntu.com/a/73872/5078 for info on using `pkexec` for recovery (via PolicyKit). – belacqua May 22 '14 at 22:36