You are not logged in.
- Topics: Active | Unanswered
#1 2023-01-21 18:53:55
- gulatihardik10
- Member
- Registered: 2020-01-14
- Posts: 60
[SOLVED] Password gets removed from sudoers
Hello, I have replaced a lot of pacnew files with original and thus have replaced file which contains password information might be sudoers and thus now I can't access sudo command and also can't go back even through timeshift.
Did this after full system upgrade.
Using arch linux.
Please help
Last edited by gulatihardik10 (2023-06-04 14:43:33)
Offline
#2 2023-01-21 19:43:40
- Cbhihe
- Member
- Registered: 2017-04-09
- Posts: 219
Re: [SOLVED] Password gets removed from sudoers
What "pacnew files" have you replaced and with what ? (Replacing *.pacnew files with anything should not affect your system configuration. Those files are not used by the system until you suppress their ".pacnew" suffix.)
Last edited by Cbhihe (2023-01-21 19:47:16)
I like strawberries, therefore I'm not a bot.
Offline
#3 2023-01-21 19:44:59
- V1del
- Forum Moderator
- Registered: 2012-10-16
- Posts: 21,671
Re: [SOLVED] Password gets removed from sudoers
pacnew files are for checking and merging changes you did, if there was a point in blindly replacing everything with them they wouldn't be created as pacnew files.
Use the root account with su and fix your sudoers
Offline
#4 2023-01-21 19:51:36
- Cbhihe
- Member
- Registered: 2017-04-09
- Posts: 219
Re: [SOLVED] Password gets removed from sudoers
Oh, i see i understood OP all too literally. They replaced their original files withthe content of their ".pacnew" files....
If somehow you don't have access to root, the only way left for you to get out of this bind is to boot from usb iso archlinux, chroot into your installed system and rebuild '/etc/sudoers'
Last edited by Cbhihe (2023-01-21 19:52:51)
I like strawberries, therefore I'm not a bot.
Offline
#5 2023-01-21 20:18:27
- gulatihardik10
- Member
- Registered: 2020-01-14
- Posts: 60
Re: [SOLVED] Password gets removed from sudoers
Thanks for reply,
I have replaced sudoers, shadow and many other files.
After searching a bit able to know that root passwords are saved in shadow file while user login saved in sudoers file.
As replaced both, so not able to access root account.
Currently logged into the system so if I logged out will not be able to login back.
So is there any option to change something back like running timeshift without entering password.
Thank you
Offline
#6 2023-01-21 20:30:59
- WorMzy
- Forum Moderator
- From: Scotland
- Registered: 2010-06-16
- Posts: 11,846
- Website
Re: [SOLVED] Password gets removed from sudoers
If you have a root shell already, you may be able to restore the latest shadow backups (/etc/group-, /etc/gshadow-, /etc/passwd-, /etc/shadow-). If not, you will need to boot a LiveCD and restore the files from there.
If you don't have the backup files, perhaps you can use timeshift from the live environment to revert the damage. (I've never used timeshift so couldn't tell you)
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
Online
#7 2023-01-21 22:07:18
- gulatihardik10
- Member
- Registered: 2020-01-14
- Posts: 60
Re: [SOLVED] Password gets removed from sudoers
Not able to access shadow file, without root I didn't have permission to read and write.
I think, only option to recover is chrooting from liveusb as suggested.
Offline
#8 2023-01-22 12:50:14
- Cbhihe
- Member
- Registered: 2017-04-09
- Posts: 219
Re: [SOLVED] Password gets removed from sudoers
In fact you can do this in a few minutes, by mounting the root volume to "/mnt" and any other important volume as follows if separate partitions exists for them (e.g the boot partition on to /mnt/boot, the efi (FAT32) partition onto /mnt/boot/efi, etc..).
then chroot ito the sytem and just recreate the password for the root user. You can then quit the "arch-chroot" shell, umount all mounted volumes and reboot as root in your regular OS. From there you can rebuild your regular user passwords and permission, logging in as root.
I like strawberries, therefore I'm not a bot.
Offline
#9 2023-01-22 13:57:13
- gulatihardik10
- Member
- Registered: 2020-01-14
- Posts: 60
Re: [SOLVED] Password gets removed from sudoers
Yes, I also get to the topic in some other side instructing same process but have done using liveusb for now.
But will try to use mounting method incase done something similar ?
Offline
#10 2023-01-22 18:31:25
- Cbhihe
- Member
- Registered: 2017-04-09
- Posts: 219
Re: [SOLVED] Password gets removed from sudoers
@gulatihardik10: I am not sure I understand fully what you wrote last, although there seems to be some misunderstanding.
What you probably want to do is to use a recent Archlinux ISO image on a USB drive, and to boot from it. Once in the live ISO Arch linux environment, you need to mount the various local system partitions (not the live system's) as pointed out in #8, e.g. mount:
- the local root volume to "/mnt"
and any other important volume as follows if separate partitions exists for them, e.g.:
- the boot partition on to /mnt/boot,
- the efi (FAT32) partition onto /mnt/boot/efi,
- etc.
How this is done depends on your local system's /etc/fstab contents. Read on /etc/fstab before proceeding: https://wiki.archlinux.org/title/Fstab
Once all the system's partitions are mounted, you can "chroot" into your local system with
# arch-chroot /mntThat will place you inside your local system as "root". Once that is the case you can set the root password for your local system.
arch-chroot # passwd
...Once done with setting the root passwd, you can also set the regular user's password and rebuild your /etc/sudoers. Read on /etc/sudoers before you modify it in any way (https://wiki.archlinux.org/title/Sudo#Configuration):
arch-chroot # passwd USER_NAME
...
arch-chroot # vim /etc/sudoers
...I like strawberries, therefore I'm not a bot.
Offline