Unable to run sudo command on linux

centos permissions sudo chmod
20,091

Solution 1

Your permissions are very off, indeed.

They should be similar to:

-r--r----- 1 root root   4188 Mar 31 11:30 /etc/sudoers
---s--x--x 1 root root 130720 Mar 31 13:09 /usr/bin/sudo

To fix this, as root

chmod 4111 /usr/bin/sudo
chmod 440 /etc/sudoers

If you see a + sign in the ls -l output then it means there are also ACLs set; these should be removed

setfacl -b /usr/bin/sudo /etc/sudoers

(you don't seem to have this problem; I include it for completeness)

Since your permissions were broken, it's possible the SELinux labels were also broken. You should verify the SELinux labels are correct with ls -Z:

-r--r-----. root root system_u:object_r:etc_t:s0       /etc/sudoers
---s--x--x. root root system_u:object_r:sudo_exec_t:s0 /usr/bin/sudo

These should be fixable with restorecon

restorecon -v /usr/bin/sudo /etc/sudoers

Finally you may have a totally problem install (eg PAM config, /etc/sudo.conf). You can check to see what files have been modified:

rpm --verify sudo

If this throws up any files that look off then you might want to delete them and then reinstall sudo.

eg

rm /etc/sudo.conf /etc/pam.d/sudo*
yum reinstall sudo

(This does require a working yum setup so don't do this if your repo's don't work!)

Solution 2

If sudo doesn't work, you can become a root user with su -

Later be root, you can re-install sudo using these commands below:

yum remove sudo

yum install sudo

You need to add yourself to /etc/sudoers file, enter:

visudo

Grant vivek user full permission via sudo:

vivek ALL=(ALL) ALL

Save and close the file. Later do that, you have sudo and you can become a root user using:

sudo -i

If it doesn't work, use

sudo -s

Share:
20,091

Related videos on Youtube

Joey Yi Zhao
Author by

Joey Yi Zhao

Updated on September 18, 2022

Comments

  • Joey Yi Zhao
    Joey Yi Zhao almost 2 years

    I am using Linux CentOS but suddenly I couldn't run sudo command. I got below errors. Even with root user it got the same error.

    $ sudo ls
sudo: unable to stat /etc/sudoers: Permission denied
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

    Below is the permission on this file:

     ls -l /etc/sudoers
-rwxr-xr-x 1 root root 4241 Jun  9 20:36 /etc/sudoers
# which sudo
/usr/bin/sudo
# ls -l /usr/bin/sudo
--ws-wx-wx. 1 root root 130712 Jun 10  2014 /usr/bin/sudo

    What wrong with the system? How can I fix it?

    EDIT1

    Please see below command output:

    # ls -Z /etc/sudoers
-r--r----- root root ?                                /etc/sudoers

    I have run chmod 440 on this file but it seems the permission is broken.

    EDIT2

    I run below command to set the /etc/sudoers permission but it still not correct:

    root@Cool-Too ~]# chmod 440 /etc/sudoers
[root@Cool-Too ~]# ll /etc/sudoers
-r--r----- 1 root root 4241 Aug 14 22:16 /etc/sudoers
[root@Cool-Too ~]# ll -Z /etc/sudoers
-r--r----- root root ?                                /etc/sudoers
    • user4556274
      user4556274 almost 8 years
      On CentOS, there are probably corrupted SELinux permissions. Try restorecon /etc/sudoers (as root).
    • FelixJN
      FelixJN almost 8 years
      Permissions are odd, they usually should be 440 for /etc/sudoers (i.e. -r--r----- root root). Use chmod 440 /etc/sudoers (as root) - if the problem persists use visudo and check if there are syntax errors in your sudoers file.
    • Gilles 'SO- stop being evil'
      Gilles 'SO- stop being evil' almost 8 years
      Those permissions are really strange. Beware, even if you fix sudo, there may be other things that are broken. This doesn't happen on its own… Did you run strange commands recently?
  • Joey Yi Zhao
    Joey Yi Zhao almost 8 years
    I have tried these command but they don't work. I have updated my post for the output of ls -Z command.
  • Joey Yi Zhao
    Joey Yi Zhao almost 8 years
    I become root and reinstalled sudo but it still not work. The output of sudo -i and sudo -s are the same as the error I showed on my post.
  • Chad
    Chad almost 8 years
    OK, anyway, you can be root user with su?
  • Joey Yi Zhao
    Joey Yi Zhao almost 8 years
    Yes I can be root with su but other user can't run sudo command.
  • Joey Yi Zhao
    Joey Yi Zhao almost 8 years
    rpm --verify sudo return 'S.5....T. c /etc/sudoers'. Is this correct?
  • Stephen Harris
    Stephen Harris almost 8 years
    That seems fine. As long as visudo -c responds OK.
  • Joey Yi Zhao
    Joey Yi Zhao almost 8 years
    what else could be the problem?
  • Joey Yi Zhao
    Joey Yi Zhao almost 8 years
    I have checked that visudo -c response ok

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Sudoers.d Permissions denied
sudo: /var/lib/sudo writable by non-owner (040777), should be mode 0700
Not able to install *.run file in Ubuntu?
Error after sudo-ing "sudo: must be setuid root"
How to fix sudo after "chmod -R 777 /usr/bin"?
What if I accidentally run command "chmod -R" on system directories (/, /etc, ...)
Restore default permissions to "/var" to CentOS installation
Unable to run 'sudo chmod +w /etc/hosts'
relation between chmod and sudo on an executable file
sudoers config to allow edit of files in particular directory (and children)