Modern Linux systems don’t have traditional root users – I don’t know what my root password is, and have never needed to type it in. Instead I use sudo to do superuser things to my system. I think we can partially blame Apple for this idea as my Ubuntu system operates in a very similar way to my Macbook.
The /etc/sudoers file controls the use of sudo, defining who can use it and what they can do. It’s managed by the handy command
which starts up your favourite editor and allows changes to be safely made. Notice how you need sudo in order to be allowed to edit its configuration file. What happens if you damage your sudoers file by introducing a syntax error or removing a vital line by mistake?
Well… you’re somewhat stuck. You can’t log in as root because there is no root password, you can’t manually edit the sudoers file because it’s only readable by root, and you can’t start up a root shell using sudo… because it is probably confused and won’t let you run anything.
It’s quite easy to fix though, but you will need physical access to the machine, a keyboard and a monitor. The machine will need to be rebooted safely (a tricky task if you aren’t root).
I shall assume you have the grub bootloader, and are sat at the machine using a keyboard plugged directly into it, looking at a monitor connected directly to the machine. This won’t work over SSH.
First, switch the machine on and wait for the grub loader to prompt for a kernel to boot. Now press the e button to edit the grub config, a simple editor should appear.
Find the line that looks something like this
linux /boot/vmlinuz-2.6.32-22-generic-pae root=UUID=afb72950-fffb-46e3-9d5b-4cf88eaa954f ro quiet splash
and at the end, add the following text
Now press ctrl-x to boot the machine. It will quickly boot into a very minimal system, nothing will be running apart from the shell and the root filesystem will be mounted read-only.
Remount the root filesystem read-write by typing
mount -o remount,rw /
Your root filesystem is now mounted read-write and you are the root user, you have full access to the entire boot drive and can do anything to it.
Repair your sudo config by typing
Now mount the root filesystem read-only so that it correctly syncs and clears the disk buffers – if you don’t do this, you could corrupt your filesystem
mount -o remount,ro /
Now reboot. Since the root filesystem is read-only, you can just press the computer’s reset switch, press ctrl-alt-del or even pull the power cord out.
Boot the machine as usual and see if you have correctly fixed the problem.
This technique will also let you recover from a corrupt boot sequence, change the root password on an older Linux system, and can also be used to reset any user’s password – for example if you have just acquired a second-hand Linux machine and don’t know its password. It’s also a good reason to keep your machine in a safe location – a few short keystrokes on the connected keyboard will allow anybody to modify your machine without leaving a trace beyond a reboot.