I tried the Hail Mary, but Mary didn't hail back. It was a good thought, but changing the %sudo line didn't change anything. Visudo saved the edited file as sudoers.tmp without any complaints. I then did mv /etc/sudoers /etc/sudoers.old and mv /etc/sudoers.tmp /etc/sudoers. I have attached sudo.old. Nels Tomlinson (907) 500-4802 On Tue, Apr 7, 2015 at 9:09 PM, Henrik Hudson <rhavenn@xxxxxxxxxxx> wrote: > On Tue, 07 Apr 2015, Nels Tomlinson wrote: > > > Mark, user think is in the adm and sudo groups: > > ================== > > think@Penguin-Korora:~$ groups think > > think : think adm cdrom sudo dip plugdev lpadmin sambashare > > ====================== > > > > I tried to use sudo, then immediately looked in auth.log. Here is the > > output from tail /var/og/auth.log: > > > > ================ > > think@Penguin-Korora:~$ sudo visudo /etc/sudoers > > [sudo] password for think: > > think is not in the sudoers file. This incident will be reported. > > think@Penguin-Korora:~$ tail /var/log/auth.log > > Apr 7 17:24:27 Penguin-Korora lightdm: pam_unix(lightdm:session): > session > > opened for user think by (uid=0) > > Apr 7 17:24:27 Penguin-Korora systemd-logind[695]: Removed session c3. > > Apr 7 17:24:27 Penguin-Korora systemd-logind[695]: New session c4 of > user > > think. > > Apr 7 17:24:27 Penguin-Korora systemd-logind[695]: Linked > > /tmp/.X11-unix/X1 to /run/user/1000/X11-display. > > Apr 7 17:24:27 Penguin-Korora lightdm: > pam_ck_connector(lightdm:session): > > nox11 mode, ignoring PAM_TTY :1 > > Apr 7 17:24:27 Penguin-Korora lightdm: pam_kwallet(lightdm:session): > > pam_sm_open_session > > Apr 7 17:24:27 Penguin-Korora lightdm: pam_kwallet(lightdm:session): > > pam-kwallet: final socket path: /tmp//think.socket > > Apr 7 17:24:27 Penguin-Korora gnome-keyring-daemon[5504]: couldn't set > > environment variable in session: The name org.gnome.SessionManager was > not > > provided by any .service files > > Apr 7 17:24:44 Penguin-Korora polkitd(authority=local): Registered > > Authentication Agent for unix-session:c4 (system bus name :1.104 > > [/usr/lib/kde4/libexec/polkit-kde-authentication-agent-1], object path > > /org/kde/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) > > Apr 7 17:29:50 Penguin-Korora sudo: think : user NOT in sudoers ; > > TTY=pts/0 ; PWD=/home/think ; USER=root ; COMMAND=/usr/sbin/visudo > > /etc/sudoers > > > > ======================== > > > > So, I'm in the adm (there is no admin group) and sudo groups, sudo group > > is in the sudoers file, but I'm not in sudoers. > > > > Henrik, I don't seem to have a /var/log/messages. grep -R sudo > /var/log/* > > didn't get me anything I could recognize as useful. There were a bunch > of > > messages from dpkg.log, but little else. > > Nels, > > If you don't have / aren't in %admin, then the %sudo is the only > other group. > > Since sudo isn't throwing an error it thinks the > sudoers file is, technically, correct. > > I don't know if it's a bug or something, but boot to single-user and > change this: > %sudo ALL=(ALL:ALL) ALL > > to this: > %sudo ALL=(ALL) ALL > > That :ALL should let you specify a group to runas, but it should > be optional. It's a hail mary :) > > Also, when using visudo don't supply the sudoers file to make sure > that you're actually editing the right file. If possible, make a > copy of the sudoers file and change the permissions so that your > regular account can read it and pastebin it or email it. Assuming > it's got nothing super secret in there. > > > henrik > > > > > > Nels Tomlinson > > (907) 500-4802 > > > > On Tue, Apr 7, 2015 at 10:14 AM, Mark Neyhart <Mark.Neyhart@xxxxxxxxx> > > wrote: > > > > > On 04/07/2015 09:56 AM, Nels Tomlinson wrote: > > > > Somehow I messed up sudo on a new computer preloaded with Kubuntu > 14.04. > > > > It was a few weeks ago, and I didn't keep any notes on what I did, > but I > > > > was trying to add my daughter's account to the sudoers list, and > somehow > > > no > > > > accounts are on the sudoers list any more. > > > > Both accounts are in the adm and sudo groups. I have tried > following the > > > > instructions at > > > > > > > > https://sites.google.com/site/installationubuntu/security/fix-sudo-ers-file > > > > but my sudoers file looks like the one there. > > > > > > > > I would attach the sudoers file, but I don't have access to it > unless I > > > > boot to single user mode. > > > > > > > > I have the lines > > > > root ALL=(ALL:ALL) ALL > > > > > > > > %admin ALL=(ALL) ALL > > > > > > > > %sudo ALL=(ALL:ALL) ALL > > > > exactly as they appear in the link I mentioned above. > > > > > > > > > > I see nothing obviously wrong with these lines. > > > > > > While logged in with your daughters account does the output of the > > > groups command show her as member of sudo and admin? > > > > > > Have you checked the permissions of the /etc/sudoers file? My debian > > > machine shows > > > # ls -l sudoers > > > -r--r----- 1 root root 787 2015-02-05 11:53 sudoers > > > > > > Is there anything of interest in the /var/log/auth.log? > > > ------------------------------------ > > > The Juneau Linux Users Group -- http://www.juneau-lug.org > > > This is the Juneau-LUG mailing list. > > > To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx > with > > > the word unsubscribe in the subject header. > > > > > > > > > ------------------------------------ > > The Juneau Linux Users Group -- http://www.juneau-lug.org > > This is the Juneau-LUG mailing list. > > To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with > the word unsubscribe in the subject header. > ------------------------------------ > The Juneau Linux Users Group -- http://www.juneau-lug.org > This is the Juneau-LUG mailing list. > To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with > the word unsubscribe in the subject header. > ------------------------------------ The Juneau Linux Users Group -- http://www.juneau-lug.org This is the Juneau-LUG mailing list. To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the word unsubscribe in the subject header.