MacOS – Changing read permissions on /private/etc recursively

Tags: macos, permission, sudo

I was trying to make my /private/etc folder and all its contents world-readable. 'Permission denied' messages from a number of internal files and folders were a recurrent theme whenever I did a find operation on that folder. But chmod -R seems to have failed here. Can someone please explain why I get this error message and what I should do to fix it? I'm on OS X 10.8.3.

$ sudo chmod -R a+r /private/etc
sudo: /private/etc/sudoers is mode 0444, should be 0440
sudo: no valid sudoers sources found, quitting

In fact any read operation in the directory seems to fail:

$ sudo stat /private/etc/raddb/sql/sqlite
sudo: /private/etc/sudoers is mode 0444, should be 0440
sudo: no valid sudoers sources found, quitting

Best Answer

Changing the permissions on /private/etc/sudoers is definitely a no-no. The sudo command will fail to work if that file's permissions are not 0440 as you are noticing. This is a security measure -- the command distrusts any permission setting that is less restrictive than 0440 as it allows for potential tampering with sudo permissions on the box.

Normally you'd boot into single user mode to fix this problem. This lets you log in with elevated privileges so you can do a:

chmod 440 /private/etc/sudoers

and get your sudo command back.

But I found this article that had an alternative that doesn't require a reboot and works if your account has Administrator level access. I haven't tried it, but it seems sound.

Open a Finder window and hit Shift-Command-G to get the "Go To" dialog. Enter /private/etc in the dialog and hit the Go button.

Find the sudoers file in the Finder window, select it and press Command-I to open the information window for the file and change the permissions on the file so they match:

[Image: Permissions for your sudoers file]

Close the information window and you should be back in business.

All this being said: I would strongly encourage you to rethink changing the permissions of everything under /private/etc to be world readable. This poses a serious security risk (as seen from the way sudo locks you out when you make /private/etc/sudoers world readable) to your machine. Maybe there's another Ask Different question here that'll help you solve a problem you think you're solving by making these unsafe changes?
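An added example, not part of the original question or answer: a read-only POSIX shell check for the 0440 mode that sudo demands in the error above, plus a preview of which paths a recursive `a+r` would alter before anything is changed. The function names `file_mode`, `check_sudoers_mode` and `would_change` are hypothetical, and the script assumes either GNU or BSD/macOS `stat` is available.

```shell
#!/bin/sh
# Added example: inspect permissions without modifying anything.

# Print the octal permission bits of $1 (for example 440).
# GNU stat uses -c; BSD/macOS stat rejects -c, so fall back to -f.
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Return 0 if $1 has exactly mode 0440, the mode sudo insists on for
# its sudoers file. Return 1 on any other mode, 2 if stat fails.
check_sudoers_mode() {
    mode=$(file_mode "$1") || return 2
    [ "$mode" = "440" ]
}

# List every path under $1 that is missing at least one of the three
# read bits, i.e. exactly the paths "chmod -R a+r" would alter.
# Reviewing this list first shows which restricted files would be opened up.
would_change() {
    find "$1" ! -perm -444 -print
}
```

Calling `check_sudoers_mode /private/etc/sudoers` needs no sudo, because reading a file's mode only requires search permission on its parent directories.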