修改/etc/sudoers权限后的补救方法

/etc/sudoers的权限必须是0440,错误修改成0777后导致sudo命令无法使用。

xxx@yyy:~$ sudo more /etc/sudoers.d/README
[sudo] password for xxx:
#
# As of Debian version 1.7.2p1-1, the default /etc/sudoers file created on
# installation of the package now includes the directive:
#
# #includedir /etc/sudoers.d
#
# This will cause sudo to read and parse any files in the /etc/sudoers.d
# directory that do not end in '~' or contain a '.' character.
#
# Note that there must be at least one file in the sudoers.d directory (this
# one will do), and all files in this directory should be mode 0440.
#
# Note also, that because sudoers contents can vary widely, no attempt is
# made to add this directive to existing sudoers files on upgrade. Feel free
# to add the above directive to the end of your /etc/sudoers file to enable
# this functionality for existing installations if you wish!
#

解决办法1:如果系统中有root用户,那么只需要登录root用户修改/etc/sudoers文件的权限。

su root

chmod 0440 /etc/sudoers

但如果此时未设置root用户或密码,无法登录root用户。

解决办法2:可在普通用户下通过pkexec命令来修改权限。

在重新返回通常模式下,执行pkexec chmod 0440 /etc/sudoers

xxx@yyy:~$ pkexec chmod 0440 /etc/sudoers
==== AUTHENTICATING FOR org.freedesktop.policykit.exec ===
Authentication is needed to run `/bin/chmod' as the super user
Authenticating as: xxx,,, (xxx)
Password:
==== AUTHENTICATION COMPLETE ===

解决办法3:

1、重启机器,按下SHIFT,选择recovery mode,蹦出来一个菜单,选择root进入root shell。

 mount -o remount,rw /

chmod 0440 /etc/sudoers

2、重启进入普通状态下的系统,就能sudo了

 

posted @ 2019-08-20 17:31  walker_bin  阅读(4012)  评论(0编辑  收藏  举报