Here, between the equals signs, are the contents of the file. Henrik, I have attached the actual file again, also. This is the old file, from before I changed the sudo line to read sudo=(ALL) ALL. Do I need a % in front of sudo? It seems odd that visudo didn't complain, if that's a problem. ============= # # This file MUST be edited with the 'visudo' command as root. # # Please consider adding local content in /etc/sudoers.d/ instead of # directly modifying this file. # # See the man page for details on how to write a sudoers file. # Defaults env_reset Defaults mail_badpass Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL:ALL) ALL # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command sudo ALL=(ALL:ALL) ALL # See sudoers(5) for more information on "#include" directives: #includedir /etc/sudoers.d =================== Nels Tomlinson (907) 500-4802 On Tue, Apr 7, 2015 at 11:04 PM, Henrik Hudson <rhavenn@xxxxxxxxxxx> wrote: > Seems the mailing list strips attachments. You can send it directly > to me if you want. > > henrik > > > -- > Henrik Hudson > rhavenn@xxxxxxxxxxx > ------------------------------------------------- > "There are 10 kinds of people in the world: Those > who understand binary and those who don't..." > > > On Tue, 07 Apr 2015, Nels Tomlinson wrote: > > > I tried the Hail Mary, but Mary didn't hail back. It was a good thought, > > but changing the %sudo line didn't change anything. > > Visudo saved the edited file as sudoers.tmp without any complaints. I > then > > did mv /etc/sudoers /etc/sudoers.old and mv /etc/sudoers.tmp > /etc/sudoers. > > > > I have attached sudo.old. > > > > Nels Tomlinson > > (907) 500-4802 > > > > On Tue, Apr 7, 2015 at 9:09 PM, Henrik Hudson <rhavenn@xxxxxxxxxxx> > wrote: > > > > > On Tue, 07 Apr 2015, Nels Tomlinson wrote: > > > > > > > Mark, user think is in the adm and sudo groups: > > > > ================== > > > > think@Penguin-Korora:~$ groups think > > > > think : think adm cdrom sudo dip plugdev lpadmin sambashare > > > > ====================== > > > > > > > > I tried to use sudo, then immediately looked in auth.log. Here is > the > > > > output from tail /var/og/auth.log: > > > > > > > > ================ > > > > think@Penguin-Korora:~$ sudo visudo /etc/sudoers > > > > [sudo] password for think: > > > > think is not in the sudoers file. This incident will be reported. > > > > think@Penguin-Korora:~$ tail /var/log/auth.log > > > > Apr 7 17:24:27 Penguin-Korora lightdm: pam_unix(lightdm:session): > > > session > > > > opened for user think by (uid=0) > > > > Apr 7 17:24:27 Penguin-Korora systemd-logind[695]: Removed session > c3. > > > > Apr 7 17:24:27 Penguin-Korora systemd-logind[695]: New session c4 of > > > user > > > > think. > > > > Apr 7 17:24:27 Penguin-Korora systemd-logind[695]: Linked > > > > /tmp/.X11-unix/X1 to /run/user/1000/X11-display. > > > > Apr 7 17:24:27 Penguin-Korora lightdm: > > > pam_ck_connector(lightdm:session): > > > > nox11 mode, ignoring PAM_TTY :1 > > > > Apr 7 17:24:27 Penguin-Korora lightdm: pam_kwallet(lightdm:session): > > > > pam_sm_open_session > > > > Apr 7 17:24:27 Penguin-Korora lightdm: pam_kwallet(lightdm:session): > > > > pam-kwallet: final socket path: /tmp//think.socket > > > > Apr 7 17:24:27 Penguin-Korora gnome-keyring-daemon[5504]: couldn't > set > > > > environment variable in session: The name org.gnome.SessionManager > was > > > not > > > > provided by any .service files > > > > Apr 7 17:24:44 Penguin-Korora polkitd(authority=local): Registered > > > > Authentication Agent for unix-session:c4 (system bus name :1.104 > > > > [/usr/lib/kde4/libexec/polkit-kde-authentication-agent-1], object > path > > > > /org/kde/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) > > > > Apr 7 17:29:50 Penguin-Korora sudo: think : user NOT in sudoers ; > > > > TTY=pts/0 ; PWD=/home/think ; USER=root ; COMMAND=/usr/sbin/visudo > > > > /etc/sudoers > > > > > > > > ======================== > > > > > > > > So, I'm in the adm (there is no admin group) and sudo groups, sudo > group > > > > is in the sudoers file, but I'm not in sudoers. > > > > > > > > Henrik, I don't seem to have a /var/log/messages. grep -R sudo > > > /var/log/* > > > > didn't get me anything I could recognize as useful. There were a > bunch > > > of > > > > messages from dpkg.log, but little else. > > > > > > Nels, > > > > > > If you don't have / aren't in %admin, then the %sudo is the only > > > other group. > > > > > > Since sudo isn't throwing an error it thinks the > > > sudoers file is, technically, correct. > > > > > > I don't know if it's a bug or something, but boot to single-user and > > > change this: > > > %sudo ALL=(ALL:ALL) ALL > > > > > > to this: > > > %sudo ALL=(ALL) ALL > > > > > > That :ALL should let you specify a group to runas, but it should > > > be optional. It's a hail mary :) > > > > > > Also, when using visudo don't supply the sudoers file to make sure > > > that you're actually editing the right file. If possible, make a > > > copy of the sudoers file and change the permissions so that your > > > regular account can read it and pastebin it or email it. Assuming > > > it's got nothing super secret in there. > > > > > > > > > henrik > > > > > > > > > > > > > > Nels Tomlinson > > > > (907) 500-4802 > > > > > > > > On Tue, Apr 7, 2015 at 10:14 AM, Mark Neyhart < > Mark.Neyhart@xxxxxxxxx> > > > > wrote: > > > > > > > > > On 04/07/2015 09:56 AM, Nels Tomlinson wrote: > > > > > > Somehow I messed up sudo on a new computer preloaded with Kubuntu > > > 14.04. > > > > > > It was a few weeks ago, and I didn't keep any notes on what I > did, > > > but I > > > > > > was trying to add my daughter's account to the sudoers list, and > > > somehow > > > > > no > > > > > > accounts are on the sudoers list any more. > > > > > > Both accounts are in the adm and sudo groups. I have tried > > > following the > > > > > > instructions at > > > > > > > > > > > > > > > https://sites.google.com/site/installationubuntu/security/fix-sudo-ers-file > > > > > > but my sudoers file looks like the one there. > > > > > > > > > > > > I would attach the sudoers file, but I don't have access to it > > > unless I > > > > > > boot to single user mode. > > > > > > > > > > > > I have the lines > > > > > > root ALL=(ALL:ALL) ALL > > > > > > > > > > > > %admin ALL=(ALL) ALL > > > > > > > > > > > > %sudo ALL=(ALL:ALL) ALL > > > > > > exactly as they appear in the link I mentioned above. > > > > > > > > > > > > > > > > I see nothing obviously wrong with these lines. > > > > > > > > > > While logged in with your daughters account does the output of the > > > > > groups command show her as member of sudo and admin? > > > > > > > > > > Have you checked the permissions of the /etc/sudoers file? My > debian > > > > > machine shows > > > > > # ls -l sudoers > > > > > -r--r----- 1 root root 787 2015-02-05 11:53 sudoers > > > > > > > > > > Is there anything of interest in the /var/log/auth.log? > > > > > ------------------------------------ > > > > > The Juneau Linux Users Group -- http://www.juneau-lug.org > > > > > This is the Juneau-LUG mailing list. > > > > > To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx > > > with > > > > > the word unsubscribe in the subject header. > > > > > > > > > > > > > > > > > ------------------------------------ > > > > The Juneau Linux Users Group -- http://www.juneau-lug.org > > > > This is the Juneau-LUG mailing list. > > > > To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx > with > > > the word unsubscribe in the subject header. > > > ------------------------------------ > > > The Juneau Linux Users Group -- http://www.juneau-lug.org > > > This is the Juneau-LUG mailing list. > > > To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx > with > > > the word unsubscribe in the subject header. > > > > > > > > > > > ------------------------------------ > > The Juneau Linux Users Group -- http://www.juneau-lug.org > > This is the Juneau-LUG mailing list. > > To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with > the word unsubscribe in the subject header. > ------------------------------------ > The Juneau Linux Users Group -- http://www.juneau-lug.org > This is the Juneau-LUG mailing list. > To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with > the word unsubscribe in the subject header. > ------------------------------------ The Juneau Linux Users Group -- http://www.juneau-lug.org This is the Juneau-LUG mailing list. To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the word unsubscribe in the subject header.