Search this site:

2008-09-27

sudo and /etc/sudoers...


I have just done something very stupid...

I was connecting to a Mac OS X box in my office remotely and I tried to grant rights to certain users to run the sudo command. Here is what I did:

  1. sudo vi /etc/sudoers
  2. edit the file
  3. :wq (i.e. save and quite in vi)

Experienced users should be able to point out my stupid mistake here. Yes, I should never edit the sudoers file directly using an non-root user... Reason? It is really simple - what if I accidentally screw up the file?
$ sudo vi /etc/sudoers
>>> sudoers file: syntax error, line 23 <<<
sudo: parse error in /private/etc/sudoers near line 23


Just like this.

...

Yes. I have no way to fix the problem until I can get back to the office next Monday and boot the box into single-user mode.

Hurray! No more work this weekend!

...

Anyway, remember to use the visudo command to change the file, it can help to check the syntax before finalizing changes... Or at least I should su to root before editing this file, so that I don't need sudo to fix the sudo problem...

Note: this is not only applicable to Mac OS X but also other *-nix system too.

2008-09-29 Updated: I finally got back to office and boot the Mac into single-user mode. However, I need one more trick to update the files as the root filesystem is mounted at read-only by default. Here is the trick:
# mount -uw /


No comments:

Post a Comment

HTML Tags allowed (e.g. <b>, <i>, <a>)

Disclaimer

ALL CONTENTS AND INFORMATION IN THIS WEB SITE ARE PROVIDED "AS IT" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED. THE ACCURACY AND AVAILABILITY OF THE CONTENTS, INFORMATION AND THE WEB SITE ITSELF ARE NOT GUARANTEED. THE AUTHOR TAKES NO RESPONSIBILITIES ON ANY COSTS OR DAMAGES (DIRECT OR INDIRECT) ARISING OUT OF OR IN CONNECTION WITH THE ACCESS, USAGE OR INABILITY OF USAGE OF THIS WEB SITE.