/etc/sudoers file corrupted and I can't run 'pkexec visudo' over SSH

ssh sudo 16.04 policykit pkexec

Following the instruction here I get:

pkexec visudo

==== AUTHENTICATING FOR org.freedesktop.policykit.exec ===
Authentication is needed to run `/usr/sbin/visudo' as the super user
Authenticating as: Thomas,,, (tuc) Password:  polkit-agent-helper-1:
error response to PolicyKit daemon:
GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: No session for
cookie
==== AUTHENTICATION FAILED === 
Error executing command as another user: Not authorized

This incident has been reported.

I am doing this via ssh since the box I am doing this on is used as a music server with no screen and is rather inaccessible. This happened when I upgraded from Ubuntu 14.04 to 16.04. I tried to copy a sudoers file from another recent 16.04 installation, but I can't do that because of the sudoers file:

sudo mv ~/gyrf sudoers

>> /etc/sudoers: syntax error near line 36 <<<
>> /etc/sudoers: syntax error near line 37 <<<
>> /etc/sudoers: syntax error near line 38 <<<
>> /etc/sudoers: syntax error near line 39 <<<
>> /etc/sudoers: syntax error near line 40 <<<
>> /etc/sudoers: syntax error near line 41 <<<
>> /etc/sudoers: syntax error near line 42 <<<
>> /etc/sudoers: syntax error near line 43 <<<
>> /etc/sudoers: syntax error near line 44 <<<
>> /etc/sudoers: syntax error near line 45 <<<
>> /etc/sudoers: syntax error near line 46 <<<
>> /etc/sudoers: syntax error near line 47 <<<
>> /etc/sudoers: syntax error near line 48 <<<
>> /etc/sudoers: syntax error near line 49 <<< 
sudo: parse error in /etc/sudoers near line 36    
sudo: no valid sudoers sources found, quitting sudo: unable to initialize policy plugin

Should I go get the box from the attic and try pkexec visudo or is something else wrong here?


Solution 1:

I ran into this problem also and with some digging, found a working solution. The original solution is from this github issue for NixOS by EstalillaJ.

  1. Open two ssh sessions to the target server.

  2. In the first session, get the PID of bash by running:

    echo $$

  3. In the second session, start the authentication agent with:

    pkttyagent --process (pid from step 2)

  4. Back in the first session, run:

    pkexec visudo

  5. In the second session, you will get the password prompt. visudo will start in the first session.

Solution 2:

My answer based on Satyen's

It was tested on Debian 10.4 WITHOUT ability to run visudo

  1. Open two ssh sessions to the target server.

  2. In the first session, get the PID of bash by running:

    echo $$

  3. In the second session, start the authentication agent with:

    pkttyagent --process (pid from step 2)

  4. Back in the first session, run:

    pkexec su

  5. In the second session, you will get the password prompt. su will start in the first session.

  6. Edit /etc/sudoers by (CTRL+S to save edits, CTRL+X to exit)

    nano /etc/sudoers

Related

What are some useful keyboard shortcuts? [closed]
How do I run a sudo command needing password input in the background?
Why is moving directories to /dev/null dangerous?
How to make Terminal semi-transparent?
How can I install OpenJDK on Ubuntu 16.04? [duplicate]
How do I open a folder as root?
Convert library of WMA tracks to MP3's?
CIFS mount through fstab not mounting at boot
How to fix "The destination is read-only" error on HDD partition
How do I quit top without leaving the output on the terminal?
MySQL 5.5 Update to MySQL 5.7
Google Earth stereoscopic 3D browsing