Sudoers error

[JoeyGreen]

Hi,
Something happened to my /etc/sudoers file
Every time i try to run sudo or install from the pi store i get this error:
sudo: parse error in /etc/sudoers near line 8
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

Can someone help me?

[FTrevorGowen]

Hi Joey,
/etc/sudoers MUST be edited with visudo - see raspbian example below:

Code: Select all

#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/
sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d
pi ALL=(ALL) NOPASSWD: ALL

Unfortunately if it's become corrupted you can't run visudo thus:
sudo visudo

or even
sudo more /etc/sudoers
to see what's there!

The only thing I can think of is does the "root terminal" in LDXE still work? (Assuming you're running raspbian, of course!).

Unless anyone has any better ideas you may just have to use a new SD card image.

Sorry I can't be of any more help,
Trev.

[penguintutor]

You should use visudo to edit the sudoers file to protect against corrupting the file.

If you have already corrupted the file then you can edit it using any editor (or copy one from a working Pi image), but you will need to put the SD card into another computer if you can't edit the file on the Pi. You can't see the partition in Windows (assuming that's what you normally use), so you'll need to boot into Linux eg. using Knoppix or a Ubuntu Live CD / USB. When you insert the SD card it will normally be automounted into the /media directory eg /media/<SDcard> so you'll need to edit /media/<SDcard>/etc/sudoers

If you are copying the file from another Pi then make sure you set the permissions correctly otherwise it won't work (440 for root:root).

[JoeyGreen]

Ive fixed sudoers now i get a different error
sudo: parse error in /etc/sudoers.d/sudoers near line 25
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

Can someone help?

[FTrevorGowen]

Ive fixed sudoers now i get a different error
sudo: parse error in /etc/sudoers.d/sudoers near line 25
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

Joey,
AFAIK the ONLY file in the /etc/sudoers.d/ directory should be the README file as listed below, unless you've added something else there. (This assumes a "fairly fresh" raspbian image). Additionally, unless the "#includedir /etc/sudoers.d" line has been uncommented (no #), that sub-directory should not be being read.

Code: Select all

pi@raspigrey ~ $ sudo more /etc/sudoers.d/README
#
# As of Debian version 1.7.2p1-1, the default /etc/sudoers file created on
# installation of the package now includes the directive:
#
#       #includedir /etc/sudoers.d
#
# This will cause sudo to read and parse any files in the /etc/sudoers.d
# directory that do not end in '~' or contain a '.' character.
#
# Note that there must be at least one file in the sudoers.d directory (this
# one will do), and all files in this directory should be mode 0440.
#
# Note also, that because sudoers contents can vary widely, no attempt is
# made to add this directive to existing sudoers files on upgrade.  Feel free
# to add the above directive to the end of your /etc/sudoers file to enable
# this functionality for existing installations if you wish!
#
# Finally, please note that using the visudo command is the recommended way
# to update sudoers content, since it protects against many failure modes.
# See the man page for visudo for more information.
#

I'm beginning to think that your SD image is corrupted, rather that just the "sudoers" area.
Trev.

[jojopi]

Additionally, unless the "#includedir /etc/sudoers.d" line has been uncommented (no #), that sub-directory should not be being read.

The hash is actually part of the directive (as with cpp's #include), not a comment. There are a few packages that add files to that directory, but the file /etc/sudoers.d/sudoers looks more like a user error than anything else.

If you accidentally copy sudoers into sudoers.d then you do indeed get a (slightly misleading) parse error due to the attempted #includedir recursion. Just delete that file.

[FTrevorGowen]

Additionally, unless the "#includedir /etc/sudoers.d" line has been uncommented (no #), that sub-directory should not be being read.

The hash is actually part of the directive (as with cpp's #include), not a comment. There are a few packages that add files to that directory, but the file /etc/sudoers.d/sudoers looks more like a user error than anything else.
...

Thanks for correcting that - I must have had my "bash head" on .
Trev.

[JoeyGreen]

Thanks, but no thanks.
That includedir line is commented,
and the only file in /etc/sudoers.d is README,
my sd is not corrupted,
This is a new error that i get now:
sudo: parse error in /etc/sudoers near line 28
sudo: no valid sudoer sources found, quitting
sudo: unable to initialize policy plugin
Can you help w/ that?

[penguintutor]

Joey

It's not possible to diagnose a syntax error without seeing the file.
I'd suggest you copy a working sudo file from a working Raspbian install. Just make sure that the permissions are set correctly after doing so (perhaps easiest by editing the existing file and deleting all the existing lines before adding ones from working image).

[JoeyGreen]

O hai,

Well, this is what happened.

I need to get a fresh install of raspbian because my raspi wont boot. Period.

And it wont work.
Can you check out my other post about that?
You can find it in the setup bit of the raspi forums.

Thanks,
Joey