macOS – Accidentally added a character outside of a comment in sudo file on Mac, sudo not working any more

macos nano sudo terminal

I made a mistake in terminal, and now every time I use sudo, I get the error message: sudo: unable to initialize PAM: Invalid argument

I know what I messed up, which is adding a character outside of a comment in the following file: /etc/pam.d/sudo

The contents are as follows:

x# sudo: auth account password session
auth       sufficient     pam_tid.so
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

What happened was that I was using nano to edit this file to add pam_tid.so to this file so I can use Touch ID to bypass sudo. I then pressed Ctrl+X to exit out, but missed the Ctrl and didn't see the x outside of the comment. So when I try to use sudo, I get the error. The worst part is that to edit this file, I need sudo. Any help would be very much appreciated.

Thanks

Best Answer

You'll need to find an alternate means of elevating privileges, which is intentionally hard "because security." :) Since this is a Mac, one way is to reboot and hold down Command+R to get into the rescue shell, and then start a terminal (it's in the utilities menu, IIRC) where you will have a root shell which can edit the PAM file.

Another possible way is to copy the PAM file to your home directory, correct it, then copy the file using the Finder (open /etc by selecting "Go", then "Go to Folder" in the Finder menu). I'm pretty sure that doesn't use the sudoers PAM file to control access, but I don't recall for sure. You may also need to repair permissions after copying this way.

Either way: today's valuable sysadmin lesson is that, when editing PAM files, you should always leave the editor window open until you've tested your changes. Save the file without exiting, and in another window (or from another machine, as the case may be), verify that things work. Only then do you exit the editor. :)
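A format check that catches the stray-character mistake from the question before the file goes into place, as an added example that is not part of the original answer. The function name `lint_pam_file` is hypothetical and the list of accepted control keywords is an assumption; it only checks line shape and does not replace testing sudo in a second window.

```shell
#!/bin/sh
# lint_pam_file FILE
# Prints every line that is neither a comment, a blank line, nor of the form
#   <facility> <control> <module> [options]
# and returns 1 if any such line exists, 0 otherwise.
# Assumption: the keyword lists below cover the entries seen in /etc/pam.d/sudo.
lint_pam_file() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }   # skip comments and blank lines
        {
            ok = 1
            if ($1 !~ /^(auth|account|password|session)$/) ok = 0
            else if ($2 !~ /^(required|requisite|sufficient|optional|binding|include)$/) ok = 0
            else if (NF < 3) ok = 0      # module name is missing
            if (!ok) { printf "line %d: %s\n", NR, $0; bad = 1 }
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample input: the broken file from the question and a fixed copy.
tmp=$(mktemp -d)
printf '%s\n' \
    'x# sudo: auth account password session' \
    'auth       sufficient     pam_tid.so' \
    'auth       sufficient     pam_smartcard.so' \
    'auth       required       pam_opendirectory.so' \
    'account    required       pam_permit.so' \
    'password   required       pam_deny.so' \
    'session    required       pam_permit.so' > "$tmp/broken"
sed '1s/^x#/#/' "$tmp/broken" > "$tmp/fixed"

for f in broken fixed; do
    if lint_pam_file "$tmp/$f"; then
        echo "$f: looks well-formed"
    else
        echo "$f: rejected, do not install"
    fi
done
```

Run it against the saved file while the editor is still open, or against the corrected copy in your home directory before copying it back to /etc/pam.d.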
