53

I am getting this error:

sudo: parse error in /etc/sudoers near line 23
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

I was trying to disable password authentication so I don't have to type password every time I want to install something, but I probably changed it in a not very good way. I am a newbie to Ubuntu, I got sick of Windows :)

So far I've found some people suggesting booting in single user mode, but I'm afraid of messing things up more.

How can I fix this error?

Alaa Ali
  • 31,075
  • 11
  • 94
  • 105
Robert Fáber
  • 531
  • 1
  • 4
  • 3
  • If you boot in single user mode and use `visudo`, then it won't let you save an incorrect file, so you will not be able to mess things up further. – nanofarad Oct 30 '12 at 11:18
  • Thank you, how do I change the file, then? And, how exactly do I boot in single user mode? – Robert Fáber Oct 30 '12 at 11:19
  • Hold Shift immediately while booting so that you get the GRUB screen. Select the recovery mode. Choose to drop to a root terminal. Run `mount -n -o remount,rw /` and then `visudo`. Ctrl+O saves, Ctrl+X exits without saving. It won't let you save a bad file. – nanofarad Oct 30 '12 at 11:21
  • 2
    @ObsessiveSSOℲ it would be nice to convert the comment to answer and let the questioner to mark it as the best answer. For future - help - others I mean. – NickTux Oct 30 '12 at 12:14
  • Deactivating that password switch is about as bad as deactivating UAC on Windows. Every command that tries so call `sudo` internally can do without any problems. You could easily have some software (rootkit) installed without you knowing. I would *strongly* discourage doing this in the first place. – Martin Ueding Oct 30 '12 at 12:35
  • I know, I know, it was a huge mistake. Thank you all for your answers. – Robert Fáber Oct 30 '12 at 22:12
  • This is a statement, not a question. – psusi Sep 15 '13 at 01:38
  • @psusi and close voters: huh? It's a question, with proper answers. It's just missing a "how can I fix this error" sentence, which I've just added. There's no need to close it. – Alaa Ali Sep 15 '13 at 17:46
  • @Alaa, it says this is what happened, and this is what I have already been told to do to fix it. That's not a question. – psusi Sep 15 '13 at 18:26
  • @psusi when problems are questions? He is asking how to revert it back, and is giving us the history of his actions, he describe his problems, he got [a solution](http://askubuntu.com/questions/209558/how-can-i-fix-broken-sudo-sudo-parse-error-in-etc-sudoers-near-line-23#comment260240_209558). Why close it? – Braiam Sep 16 '13 at 00:22
  • @Braiam, because the "solution" is *in* the "question". Without knowing why that isn't acceptable ( besides "I'm afraid" ) it isn't possible to provide a real answer. – psusi Sep 16 '13 at 01:36
  • 2
    On newer Ubuntu distributions, there's a simple solution (not requiring any reboot nor recovery), described here: http://askubuntu.com/a/73872 –  Aug 28 '14 at 11:23
  • Isn't there already an answer http://askubuntu.com/questions/73864/how-to-modify-a-invalid-etc-sudoers-file-it-throws-out-an-error-and-not-allowi actually. Just type `pkexec visudo` – xji Apr 03 '15 at 10:18

6 Answers6

61

Fixing this is dead simple, and it is answered elsewhere on askubuntu.

Short answer, use:

pkexec editor_of_choice
Community
  • 1
NeilenMarais
  • 948
  • 8
  • 16
  • 2
    This is definitely the simplest and best answer. I had no clue pkexec existed. Thanks a lot both – Bizmate Apr 14 '16 at 17:05
  • 4
    When I do pkexec, it gives list of users to authenticate. When I type password, it gives Authentication failure. Please help. – Shyamkkhadka May 24 '18 at 05:44
  • 5
    @Shyamkkhadka I ran into this also. [This solution on GitHub](https://github.com/NixOS/nixpkgs/issues/18012#issuecomment-335350903) saved me and about a hundred other people. – gillytech Feb 19 '20 at 18:49
  • This didnt work for me with an error " No session for cookie " but I did this in two terminals: In the first terminal run the following command to get its PID. echo $$ In the second terminal run pkttyagent --process PID_FROM_STEP_1 Then you can run "sudo pico /etc/sudoers" or whatever you want in first terminal, and the second terminal will ask for user password. and will work – DefToneR May 04 '21 at 21:08
  • thx, useful compare to reboot in recovery mode red-tape procedures... https://stackoverflow.com/a/58195402/3806250 and https://stackoverflow.com/a/58199760/3806250 – Rγσ ξηg Lιαη Ημ 雷欧 Jan 14 '22 at 18:36
19

Hold Shift immediately while booting so that you get the GRUB screen. Select the recovery mode. Choose to drop to a root terminal. Run mount -n -o remount,rw / and then visudo. It'll let you fix your problems with the file and save. It won't let you save a malformed file.

nanofarad
  • 20,597
  • 12
  • 65
  • 91
3

Folowing solution is for remote servers, it works!

http://ubuntuforums.org/showthread.php?t=2036382&p=12144840#post12144840

then just use visudo to add wheel, etc

  1. Rename your current file

    mv /etc/sudoers{,.bak}

  2. Create a new one vi /etc/sudoers with the following basic content:

    # /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
# Defaults    env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root    ALL=(ALL) ALL
# Allow members of group sudo to execute any command after they have
# provided their password
# (Note that later entries override this, so you might need to move
# it further down)
%sudo ALL=(ALL) ALL
#
#includedir /etc/sudoers.d
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

  3. Run visudo and add your custom stuff.

Kevin Bowen
  • 19,395
  • 55
  • 76
  • 81
Igor Parra
  • 209
  • 1
  • 5
2

If u messed up your sudoers file.You'll need to:

  • Reboot into recovery mode (hit escape during boot, choose the recovery mode option on the grub screen)
  • Choose the 'Enable networking' option (if you don't your filesystem will be mounted as read-only. who knew)
  • Chosee the 'Drop to root shell' option
  • run visudo, fix your file
  • Reboot with normal grub option

source :- http://mario.net.au/content/recover-etcsudoers-ubuntu-1204

streak
  • 269
  • 2
  • 5
  • 1
    Follow up question: When I choose the `Enable networking` option, I'm prompted to tell the system that I'm sure. I do that and I just drop into nothing. No root prompt, nothing. What should I expect to see/do after the 2nd step? Thanks. – Rob Wilkerson Jan 23 '13 at 14:25
2

You can do this:

Create a copy

cp /etc/sudoers /etc/sudoers.bak

Edit problem parts there

vim /etc/sudoers.bak

Replace the origin sudoers file

cp /etc/sudoers.bak /etc/sudoers

It works for me.

ajile
  • 144
  • 4
1

I screwed up the sudoers file to find out that I don't remember the root password. Solution: rebooted under Windows (I have a dual boot) and edited the file using ext2fsd (you have to reboot after the installation). In principle, this could be another Linux or a live flash, not necessarily Windows.

18446744073709551615
  • 489
  • 1
  • 6
  • 13
  • A lot of people dual-boot Windows and Ubuntu, so this is a solid approach! I know been a while since you've posted this answer... but might you be willing to [edit] this to expand it with detailed information about specifically how to set up and use ext2fsd for this purpose? – Eliah Kagan Jan 09 '17 at 01:29