How to fix sudo after "chmod -R 777 /usr/bin"?
Solution 1
Accepted status notwithstanding, I'm now convinced this answer is wrong. (I hope to improve it soon, after consulting with the OP about the accept.) I think I recall others saying this worked, but I believe their problems were at least slightly different. The method described herein remains valuable for some situations where
chmod -R 777 /usr/bin
is interrupted with Ctrl+C or otherwise does not complete. But once it does,pkexec
is un-setuid'd too and it won't work any better thansudo
, as Damien Roche and Oli have rightly commented.
On an Ubuntu desktop system, PolicyKit is installed, so pkexec
can be used to repair a broken sudo
executable or sudoers
file. You do not need to boot into recovery mode and you do not need to boot from a live CD. You don't even need to reboot.
In this case, run the following commands:
pkexec chown root:root /usr/bin/sudo
pkexec chmod 4755 /usr/bin/sudo
See this question for more information.
Solution 2
Even when running from the live CD / Pendrive, you must prefix your chmod
command with sudo
. So your steps will be like the following:
- boot from a live CD / Pendrive
- check whether your disk was already automounted (and where to). If not, mount it (see below)
- use
sudo chmod 0755 <path>
to adjust the permissions
How to figure out where your disk is mounted: from a terminal window, run mount
(without arguments). This will list up all mounted devices. Check for the type
listed -- you can skip everything not using a "real file system" (your disk probably uses either ext3 or ext4 -- you can for sure skip things like proc, sysfs and the like). If something sounds promising (looking like /dev/sda1 on /media/sda1 type ext3
), check its contents using ls /media/sda1
to see if it's that.
If it is not mounted, you can check with the /dev
entries where the disk could be (using ls /dev/ |grep '/dev/sd
to check for available devices; your disk should look like /dev/sdaX
, /dev/sdbX
or the like -- with X being a number). Compare this with the list of mounted devices. If it's not there, try to mount it and check its contents (as shown above). To mount it, first create a mountpoint, e.g. sudo mkdir /mnt/mydisk
, then try to mount the device using mount /dev/sda1 /mnt/mydisk
and check its contents using ls /mnt/mydisk
.
Once you get the right disk there, you can go to change the permissions back on your usr dir: sudo chmod 0755 /mnt/mydisk/usr
.
Now you still might be in trouble if you originally ran the chmod
command recursively, using the -R
parameter. In that case you can either try to fix each entry manually -- or you can go straight for a fresh install...
Solution 3
In an attempt to set permissions for my local scripts, I broke the sudo permission and changed ownership, by mistake. I was able to change back the ownership of sudo to root by doing the following:
Step 1: Switch to ubuntu recovery mode. If you are unaware of the process, you can refer an answer here: https://askubuntu.com/a/172346/223901
Step 2: Once in recovery mode, select root - Drop to root shell prompt
Step 3: Do the following commands
mount -o remount,rw /
chown root:root /usr/bin/sudo
chmod 4755 /usr/bin/sudo
reboot
Wait for your system to boot normally and you will see the ownership of sudo back to root.
Solution 4
I think Mat's correct, you must be root to add the bit to /usr/bin, but of course sudo is broken. If you have a root password you can use that to logon as root and then fix the permissions with the above command. If you don't, however, (and I don't either) it would probably be best to:
- boot from a Linux live CD
- become root there
- mount the partition with the above system
- then straighten out the permissions on that file system using a terminal.
Root is always user number 0 so root on any system can make changes allowed to root on other file systems.
Solution 5
I don't have much knowledge. But these steps solved my problem even without restarting my machine. Follow these steps:
su root
<enter root password>
cd /usr
chmod -R 755 *
Comments
-
Manojkumar over 1 year
I entered
chmod -R 777 /usr/bin
and now sudo is not working.It says
sudo must be setuid root
.Some advice online said to run
chown root:root /usr/bin/sudo chmod 4755 /usr/bin/sudo
.On entering
chown root:root /usr/bin/sudo
it shows anopened in readonly mode
error.-
Admin over 9 yearsManoj Kumar: Did the
pkexec
method in my answer (which you've marked as accepted) solve this problem for you? I've become convinced that, as Damien Roche and Oli have commented, this method does not actually work after asudo chmod -R 777 /usr/bin
command has successfully completed. Likesudo
,pkexec
has to be setuid root to work. (I'm not sure why, as it uses the polkit service, but it does.) However, I think I've heard other people say this has worked for them, which is curious! Had you pressed Ctrl+C before the777
chmod command finished? -
Admin about 7 yearsHello. This method actually has worked for me after I accidentally successfully ran
sudo chmod -R 777 /usr/bin
, but only after logging into theroot
account.
-
-
vin almost 12 yearsI tried to create mount point, but I got an error which read mount point mnt/mydisk does not exists is mydisk to be replaced with some thing and just for the record i wrote
mount /dev/sda /mnt/mydisk
fromroot@Ubuntu:/dev#
-
David Tod almost 12 yearsYou did a) create that mount point (directory) before issuing the mount command (as described) and b) took care for the leading slash as well? Try
mkdir -p /mnt/mydisk && mount /dev/sda1 /mnt/mydisk
(I don't think you have no partitions on/dev/sda
, so you must have missed the partition number as well. Make sure you specify the correct device (or mount will fail). -
Damien Roche over 10 years
pkexec must be setuid root
! What a nightmare! -
Oli almost 10 yearsAs Damien points out, the problem with this approach is
pkexec
is in exactly the same predicament assudo
. It's normally setuid and lives in/usr/bin
. I've tested it and this just doesn't work afterchmod -R 777 /usr/bin
. -
Eliah Kagan over 9 years@DamienRoche, Oli: I'm sorry for not fixing this way sooner! You're both right. I'm unsure why
pkexec
has to be setuid root to work (doesn't it work through the polkit daemon like other non-setuid processes?), but it does need that. I've commented on the question to see if the OP (who accepted this) can shed light on what, if anything, is right or helpful about this answer. And I've added a temporary banner to the top of this post so I don't further mislead. If this answer continues to exist, its improved form will probably incorporate some info currently in that banner. -
Rinzwind about 9 yearsYou are missing at least a "cd" command. If you do it like this you are doing the "chmod" on the home dir for root. That will make things worse.
-
Manu Mohan Thekkedath about 9 yearsthaks... edited my answer... i was in /usr folder
-
David Foerster over 8 yearsThis only works, if a password is set for
root
, which is not the default configuration of Ubuntu. -
FliiFe almost 7 yearsYou could just use
su
, which is located under /bin -
Eliah Kagan almost 7 years@FliiFe Fixing the permissions (or ownership) of files in
/usr/bin
requires root privileges, but you cannotsu
to root on most Ubuntu systems because root logins are disabled by default. Unlikesudo
andpkexec
, when you usesu
to get a root shell or to run a command as root, you have to provide root's password, not your own. But root has no password by default in Ubuntu (which is to say that password-based authentication for root will always fail, not that entering a blank password would work). See RootSudo for details. -
FliiFe almost 7 years@EliahKagan Ah, yeah. Didn't really think about this. I had this issue on a debian server (which you have to set up using root account).