[juneau-lug] Re: How to repair sudo?

  • From: Henrik Hudson <rhavenn@xxxxxxxxxxx>
  • To: juneau-lug@xxxxxxxxxxxxx
  • Date: Wed, 8 Apr 2015 10:44:50 -0800

On Wed, 08 Apr 2015, James Zuelow wrote:

> On Wednesday, April 08, 2015 06:45:29 Nels Tomlinson wrote:
> > Here, between the equals signs, are the contents of the file.  Henrik, I
> > have attached the actual file again, also.  This is the old file, from
> > before I changed the sudo line to read sudo=(ALL) ALL.
> > Do I need a % in front of sudo?  It seems odd that visudo didn't complain,
> > if that's a problem.
> 
> sudo is syntactically correct, so visudo won't complain.  However it will 
> break the config.
> 
> sudo == a user named sudo.
> 
> %sudo == all members of the sudo group.
> 
> 
> 
> If I have been following the thread correctly there are two issues:
> 
> Your admin group is actually named adm, and adm is not in your sudoers file.
> 
> Your sudo entry is missing the group identifier.
> 
> With this version of the sudoers file I would fix those errors (assuming I'm 
> remembering the adm/admin thing correctly).

Yeah, if that's what is indeed in there and that wasn't a typo.
Change it like James suggests. The % is what indicates a group.


> Also, one of the first things I do on an Ubuntu box is:
> 
> sudo su -
> passwd
> 
> That way you don't have to reboot to single-user mode if sudo breaks.
> 
> (Of course I'm a Debian user, so to me using root is Just How It Works)

I would just make sure that SSH doesn't allow root SSH if you do
this or key only logins. Of course, for an internal non-public IP'ed
computer it doesn't really matter. I forget what the Ubuntu / Debian default
is for that.


henrik




------------------------------------
The Juneau Linux Users Group -- http://www.juneau-lug.org
This is the Juneau-LUG mailing list.
To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the 
word unsubscribe in the subject header.

Other related posts:

  1. Home
  2. juneau-lug
  3. Archive
  4. 04-2015