Gamingmoor
Posts: 2
Joined: Sun Feb 02, 2014 6:56 pm

Sudo unable to stat /etc/suders: Permission denied

Wed Jul 30, 2014 10:08 pm

So today I was setting up a mail server on my raspberry pi which is my webserver hosting many websites.
I was a total idiot and did sudo chown pi /etc -R (or what ever order it is) and now I have fakd my pi.
I can't do any sudo commands, when I do i get the error.
sudo: unable to stat /etc/sudoers: Permission denied
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

During the boot up it runs apache2 but brings up loads of errors due to write issues so my sites work, just about however there are no error pages (404, 403 etc).
Also I can't access via FTP as vsftpd can't run.
Also I can't shut it down or reboot. as sudo reboot doesn't work and reboot on it's own brings up the error
-bash: reboot: command not found as guessed.
Also when I login via SSH (plugged in keyboard jams(can't stop key getting sent)) it says at the start of the line (I have no [email protected] - $)(webserver is the pis name)

Any help would be much appreciated!

Many loves, jervi

check out my raspberry pi site @ http://pi.jervi.co.uk , if it works!

User avatar
rpdom
Posts: 15937
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: Sudo unable to stat /etc/suders: Permission denied

Thu Jul 31, 2014 5:36 am

You have mangled all the permissions on /etc. That is going to be a big job to fix.

Your options are:

a) Restore from your latest backup.

b) Use NOOBs recovery or write a new image to the card to start again from square one.

c) Add "init=/bin/sh" to the end of cmdline.txt to get a root recovery shell, mount the "/" partition and try and fix the permissions. Most of them should be 644 (-rw-r--r--) for files and 755 (drwxr-xr-x) for directories with owner root:root, but there are a few that are more restrictive. Still, just setting those defaults for now should get you a bootable system.
[edit]
/etc/sudoers and anything under /etc/sudoers.d should be 640 (-rw-r-----). That is probably very important. The /etc/sudoers.d directory itself is 755 like all the other directories.

plugwash
Forum Moderator
Forum Moderator
Posts: 3504
Joined: Wed Dec 28, 2011 11:45 pm

Re: Sudo unable to stat /etc/suders: Permission denied

Thu Jul 31, 2014 1:35 pm

Since it appears you have only changed the ownership not the permissions do not make things worse by messing with the permissions too. Some files are not world readable for a very good reason.

I'd suggest booting with init=/bin/sh and doing

chown -R root /etc

And seeing what state that brings you to.

User avatar
rpdom
Posts: 15937
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: Sudo unable to stat /etc/suders: Permission denied

Thu Jul 31, 2014 2:22 pm

plugwash wrote:Since it appears you have only changed the ownership not the permissions do not make things worse by messing with the permissions too. Some files are not world readable for a very good reason.
Good point. I'd assumed chown and chmod had both been used, but now I've re-read the post while awake I can see I was wrong.

User avatar
jojopi
Posts: 3115
Joined: Tue Oct 11, 2011 8:38 pm

Re: Sudo unable to stat /etc/suders: Permission denied

Fri Aug 01, 2014 11:09 am

rpdom wrote:I'd assumed chown and chmod had both been used, but now I've re-read the post while awake I can see I was wrong.
I think you were right, actually. Simply changing the owner gives a different message "/etc/sudoers is owned by uid 1000, should be 0".

sudo is set-uid root, so the only way I can see to get "unable to stat /etc/sudoers: Permission denied" is to remove all execute permissions from /etc itself.

cpc464
Posts: 218
Joined: Tue Jul 08, 2014 5:10 pm
Contact: Website

Re: Sudo unable to stat /etc/suders: Permission denied

Fri Aug 01, 2014 12:42 pm

Hi Gamingmoor,

If what you did really was just "chown -R pi /etc", it shouldn't be too hard to fix. However this depends on you having root access, which you might not have because sudo is broken. Do you have a shell (command line) currently running as root ?

Incidentally the reboot error was just command not found. But only root can run it anyway.

Jim
Unix engineer since 1989

cpc464
Posts: 218
Joined: Tue Jul 08, 2014 5:10 pm
Contact: Website

Re: Sudo unable to stat /etc/suders: Permission denied

Fri Aug 01, 2014 12:58 pm

After a bit of testing I think you have done more than just "chown -R pi /etc"

First, the sudo error is caused by permissions on /etc, as said above. To fix sudo, type the command

chmod 755 /etc

but you must be root to do that.
Unix engineer since 1989

plugwash
Forum Moderator
Forum Moderator
Posts: 3504
Joined: Wed Dec 28, 2011 11:45 pm

Re: Sudo unable to stat /etc/suders: Permission denied

Fri Aug 01, 2014 1:29 pm

jojopi wrote: sudo is set-uid root, so the only way I can see to get "unable to stat /etc/sudoers: Permission denied" is to remove all execute permissions from /etc itself.
Or maybe changed the permissions or ownership of sudo itself?

User avatar
RaTTuS
Posts: 10519
Joined: Tue Nov 29, 2011 11:12 am
Location: North West UK
Contact: Twitter YouTube

Re: Sudo unable to stat /etc/suders: Permission denied

Fri Aug 01, 2014 1:39 pm

log in in single user mode or plug it into a machine running linux and change it back ....
How To ask Questions :- http://www.catb.org/esr/faqs/smart-questions.html
WARNING - some parts of this post may be erroneous YMMV

1QC43qbL5FySu2Pi51vGqKqxy3UiJgukSX
Covfefe

User avatar
jojopi
Posts: 3115
Joined: Tue Oct 11, 2011 8:38 pm

Re: Sudo unable to stat /etc/suders: Permission denied

Fri Aug 01, 2014 3:33 pm

plugwash wrote:Or maybe changed the permissions or ownership of sudo itself?
That was going to be my conclusion originally, but it gives another specific message "effective uid is not 0, is sudo installed setuid root?"

Removing all execute permissions from /etc did not seem a good explanation either, because I am almost certain the system will not boot at all in that state. On further research, it appears that sudo drops root privileges just for the stat:

Code: Select all

getresgid32([0], [0], [0])              = 0
setresuid32(-1, 1, -1)                  = 0
lstat64("/etc/sudoers", 0xbee353b0)     = -1 EACCES (Permission denied)
setresuid32(-1, 0, -1)                  = 0
So removing group- and/or other-execute permission from /etc may be sufficient to break sudo while still allowing a relatively normal boot. In that case, "pkexec bash" can still work for a root shell.

hermilohdez
Posts: 1
Joined: Wed Jul 29, 2015 5:00 pm

Re: Sudo unable to stat /etc/suders: Permission denied

Wed Jul 29, 2015 5:11 pm

Hi,
I had a similar problem and solved as next:
I used another micro SD card to boot and then having access to the other one by using a USB port of the RPi.
Once the other micro SD card was mounted, I just had to change the permissions of the "/etc" folder:
sudo chmod 755 /media/root/etc/
I hope this helps,
Hermilo

burt777
Posts: 5
Joined: Wed Sep 18, 2013 11:57 am

Re: Sudo unable to stat /etc/suders: Permission denied

Thu Jul 20, 2017 12:47 am

I had this exact problem (and some more) after moving / to a Usb-stick (sda). I used my desktop PC to transfer everything from SD-card (which only functions as "boot" now, and occasional backup). After staring at the (correct) user rights on /etc/sudoers and /etc/and some other files for hours, i realized the root dir / itself had its rights set incorrectly...! You never actually see those when you ls, but the fix is easy enough!

For me it was this:

1) Become root (remove the x in the first line of /etc/passwd on my desktop pc with a card reader, reboot the pi, login as root - no password!!)

2)

Code: Select all

chmod / 755

User avatar
reverendfuzzy
Posts: 15
Joined: Sat Feb 24, 2018 7:22 pm
Location: Hattiesburg, MS, USA
Contact: Website Facebook Skype Twitter YouTube

Re: Sudo unable to stat /etc/suders: Permission denied

Mon Feb 25, 2019 12:08 am

plugwash wrote:
Thu Jul 31, 2014 1:35 pm
Since it appears you have only changed the ownership not the permissions do not make things worse by messing with the permissions too. Some files are not world readable for a very good reason.

I'd suggest booting with init=/bin/sh and doing

chown -R root /etc

And seeing what state that brings you to.
That fixed it for me ... Thanks a gig.
--
Reverend Fuzzy
Pastor, MSB Ministries
Hattiesburg MS USA

Return to “General discussion”