Today I broke my sudo access in ubuntu by removing my user account from: System > Administration > Users and Groups > Properties (button) > User Privileges (tab) > Administer the system (tick box).
I found a very useful article here which explains how to recover from the situation. Just in case the link is broken in the future here is a brief description of what to do:
The two important files are: /etc/sudoers and /etc/group
The /etc/group file will look like this:
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:firstuser
tty:x:5:
disk:x:6:
lp:x:7:cupsys
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:firstuser,cupsys
fax:x:21:
voice:x:22:
cdrom:x:24:firstuser,haldaemon
floppy:x:25:firstuser,haldaemon
tape:x:26:
sudo:x:27:
audio:x:29:firstuser
dip:x:30:firstuser
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:firstuser
sasl:x:45:
plugdev:x:46:firstuser,haldaemon
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
dhcp:x:101:
syslog:x:102:
klog:x:103:
firstuser:x:1000:
lpadmin:x:104:firstuser
scanner:x:105:firstuser,cupsys
admin:x:106:firstuser
crontab:x:107:
ssh:x:108:
messagebus:x:109:
haldaemon:x:110:
slocate:x:111:
If your broken user is missing from the admin group /etc/group file then your sudo will be broken for this user because you have to be a member of this group in order to execute sudo commands.
Question:
But how do you edit this file if you can’t “sudo nano /etc/group” or “sudo vi /etc/group” ?
(because the file is owned by root)
Answer:
You must start ubuntu in “recovery” mode which will log you in as “root”.
Once logged in as root you will have permission to edit /etc/group or any other file on the system that has become corrupted.
Just add your username to the admin group (there is also a group called “adm”, but the “admin” group is the important one!) That’s it!
