How to modify an invalid '/etc/sudoers' file?
Solution 1:
On a modern Ubuntu system (and many other GNU/Linux distributions), fixing a corrupted sudoers
file is actually quite easy, and doesn't require rebooting, using a live CD, or physical access to the machine.
To do this via SSH, log in to the machine and run the command pkexec visudo
. If you have physical access to the machine, SSH is unnecessary; just open a Terminal window and run that pkexec
command.
Assuming you (or some other user) are authorized to run programs as root
with PolicyKit, you can enter your password, and then it will run visudo
as root
, and you can fix your /etc/sudoers
.
If you need to edit one of the configuration files in /etc/sudoers.d
(which is uncommon in this situation, but possible), use pkexec visudo -f /etc/sudoers.d/filename
.
If you have a related situation where you have to perform additional system administration commands as root to fix the problem (also uncommon in this circumstance, but common in others), you can start an interactive root shell with pkexec bash
. Generally speaking, any non-graphical command you'd run with sudo
can be run with pkexec
instead.
(If there is more than one user account on the system authorized to run programs as root
with PolicyKit, then for any of those actions, you'll be asked to select which one you want to use, before being asked for your password.)
If that doesn't work--for example, if there are no users authorized to run programs as root via PolicyKit--then boot from an Ubuntu live CD (like the CD you probably used to install Ubuntu) and mount the filesystem for the installed system. You can do this by running
sudo parted -l
to view your partitions--there is probably just one ext4 partition, and that's the root filesystem.
Suppose the installed Ubuntu system's root filesystem is on /dev/sda1
. Then you could mount it with sudo mount /dev/sda1 /mnt
. Then you can edit the installed system's sudoers file with sudo nano -w /mnt/etc/sudoers
. Or, even better, you can edit it with
sudo visudo -f /mnt/etc/sudoers
(which will prevent you from saving a sudoers file with incorrect syntax).
Solution 2:
Always use visudo
to edit your sudoers file, never edit it directly yourself. It will prevent you saving it to disk unless it validates.