4

I am running ubuntu 14.04 in DardDrive. I was taking the Steps for Setting up and Running sudo located here http://snag.gy/JAGgt.jpg. But every I type sudo "whatever" as user ($), I get the following message: 

 sudo: unable to stat /etc/sudoers.d/README: Permission denied
 sudo: unable to stat /etc/sudoers.d/ken: Permission denied.

so I leveled up as root and did ls -l | grep sud. See the following: 

root@ken-:/etc# ls -l | grep sud
-rw-r-----  1 root root       745 mar 19 12:11 sudoers
drwxr-----  2 root root      4096 mar 19 14:53 sudoers.d

Based on the instructions on how to configure sudo, I should make a directory named same as my username in sudoers.d directory and in that file I have to just type ALL(ALL)LL on the user name. but, I also did a chmod 440 on that file, which makes it look like this: 

root@ken-Inspiron-5558:/etc/sudoers.d# ls -l
total 8
-r--r----- 1 root root  22 mar 19 14:53 ken
-r--r----- 1 root root 958 mar 19 12:16 README

At this point when I level down using sudo su ken, and want to get into sudoers.d I keep getting the permission denied statement.

I am not even able to access sudoers.d as user, see this: 

ken@ken-Inspiron-5558:/etc$ cd /etc/sudoers.d/
 bash: cd: /etc/sudoers.d/: Permission denied-
Byte Commander
  • 110,243
Ken Sandoval
  • 381

4 Answers4

2

You should have not added anything to /etc/sudoers.d/!
This is simply unnecessary and dangerous (as you see). All admin users (including the default user account that gets created during the installation) are already allowed to use sudo to run commands with root privileges.

Remove the file /etc/sudoers.d/ken again and revert all changes you might have done to /etc/sudoers.d.
You can use pkexec as temporary replacement for sudo to fix the issues while that does not work:

pkexec rm /etc/sudoers.d/ken

Admin users on Ubuntu are defined by their group membership in the sudo (formerly admin) group.

When you add new admin users through the Unity Control Center GUI, it will take care of those group memberships automatically.

When you add a new user from the terminal using sudo adduser USERNAME, it will not be a member of any additional group. In this case, you have to add those two groups manually to make the account an administrator that is allowed to use sudo:

sudo adduser USERNAME sudo

And in the rare case where you really would have to edit /etc/sudoers or a file in /etc/sudoers.d/, never do that manually but **always use sudo visudo to edit it! This command will verify the files and check for errors before applying the changes and prevent leaving you with a ruined sudo command.

Byte Commander
  • 110,243
2

First, based on the instructions it's ALL=(ALL) ALL , so there's one mess up.

Second , instructions say If your system does not already have sudo set up and enabled , which you really should have checked before doing the rest.

Third, just remove that ken file. Your username is added to sudo group automatically during installation (if that's the username you picked during installation of course, and not created manually).

Finally, look at your /etc/sudoers.d permissions:

root@ken-:/etc# ls -l | grep sud
-rw-r-----  1 root root       745 mar 19 12:11 sudoers
drwxr-----  2 root root      4096 mar 19 14:53 sudoers.d

A directory requires execute permissions bit set in order to navigate into it. You cannot navigate into the directory because only the owner( root ) has x set for it (Related post on serverfault demonstrates that well enough). So your navigation to /etc/sudoers.d issue has nothing to do with sudo but with folder permission bits

But if you are still unconvinced heres a demo on a directory, owned by my user, in my home folder.

$ ls -ld testdir                                               
drwxrwxr-x 2 xieerqi xieerqi 4096 Mar 17 16:34 testdir/
$ chmod -x testdir
$ cd testdir
/bin/mksh: cd: /home/xieerqi/testdir: Permission denied
Community
  • 1
Sergiy Kolodyazhnyy
  • 107,582
0

I resolved issue by elevating as root, then did root@root# chmod 755 /root/etc/sudoers and sudoers.d. Since I am the only one who uses the computer, I don't really mind having permissions set open for ugo.

Ken Sandoval
  • 381
-1

Ubuntu has sudo already installed. Normal users will not be able to change directory to /etc/sudoers.d

In screenshot you have provided, author want to use sudo command as student user.

For this you have to first create a user called student

# useradd student


Add student to sudoers
# vi /etc/sudoers.d/student

insert following in it
student ALL=(ALL) NOPASSWD:ALL

save the file

restart ssh

Now hopefully you can run all sudo commands and be a sudo like below ;)

$ sudo su
Byte Commander
  • 110,243
Prakash
  • 158
  • 1
  • 1
  • 9