none
Correcting syntax error in sudoers file on Ubuntu Virtual Machine

    Question

  • Hello,

    I accidentally messed with visudo and locked myself out from sudo on an Ubuntu Virtual Machine. Isn't there a way to edit that or reset using some automation script, rather than deleting and recreating the whole machine, as described in https://docs.microsoft.com/en-us/azure/virtual-machines/linux/troubleshoot-recovery-disks-portal, which looks a very hard way around?

    Thanks, Chris

    Thursday, September 14, 2017 9:36 AM

All replies

  • Try  “Reset password” option from the portal and then select "Reset SSH configuration only" option and let us know.

    Refer the below article:

    https://docs.microsoft.com/en-us/azure/virtual-machines/linux/troubleshoot-ssh-connection

    --------------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members

    Thursday, September 14, 2017 10:08 AM
    Moderator
  • Thank you for the helpful answer but nope, it didn't fix my issue, I still got syntax error in /etc/sudoers and can't sudo.
    Friday, September 15, 2017 7:50 AM
  • Could you share the syntax error along with screenshot.

    --------------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members

    Saturday, September 16, 2017 9:48 AM
    Moderator
  • >>> /etc/sudoers: syntax error near line 31 <<<
    sudo: parse error in /etc/sudoers near line 31
    sudo: no valid sudoers sources found, quitting
    sudo: unable to initialize policy plugin

    I can't upload images (yet) due to the forum policy. Anyway, any attempt to use sudo renders the error above.

    Obviously I can't investigate the line 31 of the file as my users has no rights to it and ... it cannot sudo :)

    I should have probably changed the root's password to something I know and now I could use su, but it was to easy just to start messing around with sudo...

    Or perhaps is there away to change root password of an existing machine using Azure portal?

    Thanks, Chris

    Monday, September 18, 2017 9:00 AM
  • I would suggest you to check the steps mentioned in the below documents:

    https://docs.microsoft.com/en-us/azure/virtual-machines/linux/using-vmaccess-extension

    Also, refer the below links related to root password:

    https://serverfault.com/questions/680460/how-to-reset-root-password-on-a-linux-vm-on-windows-azure

    https://stackoverflow.com/questions/24313562/root-login-ubuntu-vm-on-azure

    --------------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members


    Wednesday, September 20, 2017 12:45 PM
    Moderator
  • Thank you for valuable tips. My case is now solved.

    FYI, the recipes from https://docs.microsoft.com/en-us/azure/virtual-machines/linux/using-vmaccess-extension didn't really help against the case of broken /etc/sudoers file, as you can't reset root user password this way and newly created sudo users still could not sudo.

    BUT

    I followed the links to the reference of Azure CLI and managed to fix my case using this:

    az vm run-command invoke -g <res> -n <vm> --command-id RunShellScript --scripts "..."

    For example you can copy and move files between locations on the target machine and change their permissions.  Well, you can do basically anything with this, because those --scripts are apparently run in the root context on the target machine.  Hurray for Azure.

    Thank you guys for your help!

    Monday, October 09, 2017 9:14 PM
  • Awesome :)Glad to know issue got resolved and Thank you for sharing the information as this might help other users.

    ------------------------------------------------------------------------------------------
    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members

    Tuesday, October 10, 2017 8:23 AM
    Moderator
  • Yep. Any problem with sudoers should by solvable by

    az login
    az vm run-command invoke -g <res> -n <vm> --command-id RunShellScript --scripts "chmod 446 /etc/sudoers"
    <log in as regular user and edit /etc/sudoers out>
    az vm run-command invoke -g <res> -n <vm> --command-id RunShellScript --scripts "chmod 440 /etc/sudoers"

    I think it's useful as there are other threads on this forum that advise reinstantiating the virtual machine. I reckon this is much cheaper way, at least for simple cases as mine.


    Saturday, October 14, 2017 11:08 AM