(At the bottom there is an important update.)
I was doing experiments in order to backup a remote account to my local system, Ubuntu 12.04 LTS. I'm not confident with duplicity and probably, due to wrong syntax, some local files have been replaced with remote files. This is just a supposition, I'm not sure this is the real cause of OS corruption. The corruption happened after experimenting with backups, so I think I did something wrong at this regard.
I was aware there was a problem when I tried to access a command using sudo
:
$ sudo ls
sudo: unable to open /etc/sudoers: Permission denied
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
This is how /etc/sudoers looks like:
$ ls -ald /etc/sudoers
-r--r----- 1 root root 788 Oct 2 18:30 /etc/sudoers
At this point I tried to reboot and now this is the message I get:
The system is running in low graphics mode.
Your screen, graphics card and input device
settings could not be detected correctly.
You will need to configure these yourself.
I tried to follow the wizard to configure these settings, but without luck (the system prevents me going on when I press "Next").
The thing that makes me a bit less worried is that all the data on the disk seems readable and I'm able to access them using a live cd. I run memtest and RAM seems to be OK.
Do you have any idea about how to recover my system? I'm very glad to provide further information, just let me know what info could be helpful.
UPDATE. The issue is about wrong permissions and this is how I discovered: I mounted the root partition of the broken OS on /mnt/broken/
(live CD) and did ls /mnt/broken/
. I got a permission denied error, while I expected to have the directory listing. I had to do sudo ls /mnt/broken/
and this worked. Thus without having root permission via sudo it's impossible to access the root of broken os.
The current output of ls -ld /mnt/broken/
is:
drwxr-x--- 29 1000 812 4096 2012-12-08 21:58 /mnt/broken
Any thoughts on how to restore the old (working) set of permissions?
Best Answer
If the file system was mounted readonly please run
mount -n -o remount,rw /
to mount the root with read/write support. Alright, Lets Move on.You can use
pkexec
as an alternative tosudo
for the time being.First of all ensure you have root privilege by
groups <username>
and look forsudo
in output.If your account is not in group
sudo
then add it to sudo group byusermod -a -G sudo <username>
then check the permissions on /etc directory and see if it has permissions set above or at least 544 that means you can at least read from it.
Use
chmod 751 /etc
to set proper permissionsThen again
chmod 440 /etc/sudoers
to set proper permissions for sudoers fileThen verify that
lsattr /etc/sudoers
shows at least- - e - /etc/sudoers
Use
chattr +e /etc/sudoers
if you cannot see "e" in output from last command.Syntax Error ?
If problem still persists then you might want to look into the sudoers file for any syntax error or just export the content to a file by
cat /etc/sudoers >> /home/<username>/sudoers.txt
and show it to us.Go Advance !
I will not recommend this if you dont have enough experience with linux but you always have an option to re-install the sudo package with
apt-get install --reinstall sudo
while logged in as root in recovery mode and then configure the sudoers file withvisudo
editor only.First match the uncommented content in sudoers file with the content written below and if necessary make changes wherever you can.
In case you decide to reinstall and configure the
sudo
you'd basically need to add only this to the sudoer file if not already present:Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL=(ALL:ALL) ALL
%admin ALL=(ALL) ALL
%sudo ALL=(ALL:ALL) ALL
As a final note and warning, You have to edit the file with only
visudo /etc/sudoers
as root and after you are finished editing the file set proper permissions for it i.e. 440