Lost my keys - not in sudoers anymore
- Inicie sesión o regístrese para enviar comentarios
Hello Freedom fighters!
I have just installed Trisquel and likes it.
But I have already f*cked up.
I have somehow managed to get me out of the sudoes group.
what I have done; was to add myself to the www-data group could this be related?
(sudo usermod christian -G www-data)
More importantly, how can i get myself back in the sudoers group??
I am a translator!
Never had that issue but I see someone posted the exact same question here and there are some answers. hope you can solve it
http://unix.stackexchange.com/questions/168881/fedora-how-can-i-add-myself-back-to-sudoers-file
welcome to the trisquel community!
Thanks supertramp,
look like a good link, I will have a go
According to the man page for usermod, this is what the -G option does.
If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be changed via the -a option, which appends the
user to the current supplementary group list.
If you had used the -a option, this wouldn't have happened. One way to fix it would be to boot from a live CD and chroot into your Trisquel partition.
Hi Legimet,
it works!
seems we can learn a bit everyday...
That little -a is really important here...
Trying to modify the command line from grub promted me for root password... so that was a nogo.
so, as you suggested, I had to start from the livecd.
I modified the /etc/group by hand and added my user to the same groups that the trisquel user was in from the live cd.
but there are some of the groups i have no idea what the reason is for.
can someone verify that the groups i have added myself to are sane.
> cat /etc/group | grep christian
adm:x:4:syslog,christian
dialout:x:20:christian
cdrom:x:24:christian
floppy:x:25:christian
sudo:x:27:christian
audio:x:29:pulse,christian
dip:x:30:christian
www-data:x:33:christian
video:x:44:christian
plugdev:x:46:christian
users:x:100:christian
lpadmin:x:108:christian
christian:x:1000:
sambashare:x:120:christian
especially 'dip','adm' and 'dialout'
Hi and welcome! :)
Looks pretty good. Somebody who hasn't messed around with their groups could pop open a terminal and input
groups
to compare.
From almost any GNU/Linux distribution, you can boot an entry that says "recovery mode" and you will be presented a root terminal where you can fix anything... or break things more!
Unfortunately, Trisquel uselessly makes your system harder to repair: you have to fight to end up with a root terminal! You can, for instance, 'chroot' from a Live system: https://help.ubuntu.com/community/Grub2/Installing#via_ChRoot
To have a "recovery mode" entry in GRUB, comment the following line in /etc/default/grub:
GRUB_DISABLE_RECOVERY="true"
Then execute:
$ sudo update-grub
To not have the useless GRUB password you faced, you can comment all lines in /etc/grub.d/01_PASSWORD and then run 'sudo update-grub'.
When I write that the GRUB password is useless, I am actually repeating what GRUB's developers state in their documentation ( https://www.gnu.org/software/grub/manual/grub.html#Security ):
By default, the boot loader interface is accessible to anyone with physical access to the console: anyone can select and edit any menu entry, and anyone can get direct access to a GRUB shell prompt. For most systems, this is reasonable since anyone with direct physical access has a variety of other ways to gain full access, and requiring authentication at the boot loader level would only serve to make it difficult to recover broken systems.
Agreed, that is a stupid default...
- Inicie sesión o regístrese para enviar comentarios