how to fix a /etc/sudoers typo when the root password is unknown

Copyright © 2011 Matt Osmus - matt@osmus.org

Introduction:

This procedure will attempt to correct a /etc/sudoers file when the root password is not known. The host shall be booted in single user mode with read and write permissions on the root partition. This has been tested successfully on a virtual machine. Although this was written with Debian in mind, it should work for most Linux distributions. It is assumed that the system is using grub as the boot loader. This procedure does not require a rescue disc.

Step 1, Boot into grub:

boot to grub

This is the default grub boot interface that shows up at the beginning of booting a system that uses grub as the boot loader. Use the arrow keys to select the kernel you would like to use (usually the first one) and press "e" to edit the commands.

Step 2, Select the kernel line for editing:

select the kernel line

Use the arrow keys to move to the "kernel" line. Then press "e" to edit the line. Note that the kernel entries may not be exactly the same as the above image due to differing hardware and kernels.

Step 3, Edit the kernel line:

change the kernel line

Change "ro" to "rw" (this changes the root partition after boot to read/write instead of read only), and add "init=/bin/bash" (this will execute bash immediately after the system is booted). Note that in the above image, a "h" is missing at the end of the line. That is because the line is too long to be shown on one screen, so it was intentionally left off for documenting purposes. A "h" is needed.

Step 4, Boot with the altered kernel line:

altered kernel line

This is what the corrected "kernel" line should look like. Press "b" to boot with these alterations. The system should then boot.

Step 5, Edit the /etc/sudoers file:

bash prompt after boot

Once booted, the system should drop the user directly into a root bash shell. From there, the user can directly edit the /etc/sudoers file with vi (or any desired editor as long as it is installed). Once the file is fixed, the host needs to be rebooted in regular mode. "shutdown -r now" did not work for the author during testing, so a hard switch off and on was used.

Conclusion:

This procedure should allow the user to edit any other file on the system as well, including resetting the root password with "passwd". Any questions or comments are welcome via email.

Valid XHTML 1.0 Strict - Valid CSS