I unexpectedly deleted my user account (the only administrator for the machine). I have another account which is a standard account and now I can't access my hard disk or anything with that standard account – it is asking for the root password. Is there any way I can recover access to the administrator account?
Ubuntu – I accidentally deleted administrator account and the other accounts are asking root password
administrationpassword-recoveryusers
Related Solutions
What Would Happen
If you configure your system so that no users are administrators, then no one will be able to perform administrative tasks as root with sudo (or its graphical frontends, such as gksu, gksudo, and kdesudo) or PolicyKit. Assuming the root account remains disabled, you will not be able to log in as root (even from a virtual console) or su-to-root either. Barring possible security vulnerabilities, this would prevent anyone from performing administrative tasks in the running system.
Fixing the Problem
However, if you did this, the problem would still be easily fixed, assuming you have physical access to the machine. Fixing this problem is similar to resetting a forgotten password, except you add the user to the sudo and/or admin groups with usermod, rather than resetting their password with passwd.
Here's one method:
Boot into recovery mode by holding Shift while booting and selecting it. Select the option for a
rootshell. You'll get a shell with a#prompt (rather than the usual$). This means it's arootshell. Any command you run here is run asroot.If you know your username, skip this step. To find out your username, run
ls /home. This is a pretty reliable way to list the usernames of the human users of your system (while omitting user accounts likewww-dataandnobodywhich are used internally but don't represent real people).Run these commands to add
usernameto the necessary group(s) to be an administrator. (Replaceusernamewith the actual username.)usermod -a -G sudo username usermod -a -G admin usernameThis separately attempts to add the user to the
sudoandadmingroups. In Ubuntu releases up to Ubuntu 11.10, administrators were in theadmingroup. In Ubuntu 12.04 (and in future releases), administrators are in thesudogroup; if a 12.04 system was upgraded from a previous release, both groups will exist.So you can put the user in just one, if you know which one, or you can just run those two commands and put them in whichever exists. I advise doing this with two commands so that if one group doesn't exist, the error doesn't stop
usermodfrom attempting to add the user to the other group.
Recovery mode is usually accessible. But occasionally it may be broken, disabled, or require a password, in which case you can boot from a live CD, chroot into the installed system, and run the usermod commands. Here's a procedure for doing that, adapted from my considerably more general answer here:
If you don't already have one, burn an Ubuntu live CD/DVD (on Ubuntu, Windows, or Mac OS X) or write an Ubuntu live USB flash drive (on Ubuntu, Windows, or Mac OS X).
In your Ubuntu system (not the live CD/DVD/USB system), run the following command in the Terminal (Ctrl+Alt+T). You do not need to be an administrator to do this.
mount | grep ' on / 'You should include the spaces before
onand after/.That command produces something like
/dev/sda1 on / type ext4 (rw,errors=remount-ro,commit=0)as the output. The text beforeon(not including the space) is the device name of the partition that contains your Ubuntu system's root filesystem. Remember it (or write it down).Boot the computer from the live CD/DVD/USB and select
Try Ubuntu without installing(notInstall Ubuntu).Run these commands, replacing
/dev/sda1with the device name of the partition containing your Ubuntu system's root filesystem, if different (andusernamewith the name of the user account you wish to give administrative abilities).sudo mount /dev/sda1 /mnt sudo chroot /mnt usermod -a -G sudo username usermod -a -G admin username exit sudo umount /mntAs with the other method, you can use
ls /home(run this after thechrootcommand) to see a list of users on the machine, if you don't know the username.
Alternatives to Eliminating Administrators
On Ubuntu, when you're an administrator, you still need to authenticate with sudo or PolicyKit to perform actions as root. This is considered to be at least as secure as using su to perform actions as root, since anyone who can compromise your account in such a way to read your own password (for sudo) can also read root's password (for su). Furthermore, there are some substantial advantages (explained here) of sudo over su, and enabling the root account, while quite possible, is neither recommended nor officially supported in Ubuntu.
If you decide that even though sudo and PolicyKit require your password to perform actions as root, you still want yourself and all other human users on your machine to run as a standard user (and not as an administrator who can run commands as root), you have two easy options:
You can enable the
rootaccount, but this is discouraged as explained above. Also, by default you will not be able to log in to a graphical session asroot, and you should not configure your system to allow this, as it's particularly dangerous to run an entire graphical desktop environment asroot(a security bug in any part of it could compromise your system). Also, most GUI programs are not tested asrootso there may be substantial usability bugs. If you do enableroot, you should only ever log on as root from a virtual console (or usesu).The better option is to just create another user account for administrative purposes. Make this account an administrator. Having a non-
rootaccount that can perform administrative tasks withsudoand PolicyKit does not force you to use that account for day-to-day, non-administrative tasks.
However, most users are best off with the default--where at least one user account is an administrator and can perform administrative tasks, but must (re)enter their password to do so.
The sudoers file works normally via group membership of a user.
As default, you have the following configuration in ubuntu:
# Members of the sudo group may gain root privileges
%sudo ALL=(ALL) ALL
As I understand your description, you have dropped the group membership for the sudo group.
Hopefully you have left over another account which is member in the sudo group. If this is true, you can use the following command to fix your user:
sudo usermod -a -G sudo USERNAME
If you have given your root user an explicit password (non standard in ubuntu), you can also invoke:
su -c usermod -a -G sudo USERNAME
If both isn't possible, you may do the following:
- boot your computer with a live/rescue cd (see also https://wiki.ubuntu.com/RecoveryMode)
- mount your root partition (aka
/) to e.g./mnt chroot /mnt usermod -a -G sudo USERNAME
Best Answer
You can use recovery mode to add the standard user to the admin group (which is now called sudo in 12.04). Below is a set of simple instructions copied from my personal website.
Using Recovery Mode To Add Users To The Admin / Sudo Group
First shutdown your computer.
Then
restart whilst holding shifton the keyboard to load grub menu.Select
recovery modefrom the grub menu.Select
drop to root shellfrom the recovery menu.Use the following command to remount the drive
mount -o rw,remount /Now type
adduser username sudoreplacing username with your user name ie. 'adduser phil sudo'You should now see a message saying 'adding user' followed by 'done'.
Type
shutdown -r nowto restart the computer.EDIT: If it is telling you that user xxx does not exist, first you can use the following command to list users and make sure that you have the correct username
The other option is add a new user, from recovery mode using the following commands :
Again replacing
usernamewith your desired username.