Previous 1 2 3 Next 35 Replies Latest reply: May 19, 2008 5:09 PM by richard.lin
RSully Level 1 (40 points)
I have been running Ascentemu. Dont ask what it is, its just cool.

I compiled it myself...

Anyways, to run it I type:
sudo sh ascent.sh
sudo sh logonserver.sh

But when I do that i get:
"sudo: can't open /private/etc/sudoers: permission denied"

I repaired permissions but it did not help...
I made sure it is 0440 (read only for system and wheel)...

Please help!!
Sully

Mac Mini, Mac OS X (10.5.1), 1 External HD, 150 GB, iPod Touch 8GB
  • RSully Level 1 (40 points)
    BUMP
  • brainslice Level 2 (410 points)
    Looks like bad syntax..... get rid of "sh".

    sudo ascent.sh

    You know it doesn't matter what you name the script / binary. Just because it's script.sh doesn't necessarily mean you have to use the sh shell. It could be called script.purple.elephant and run in tcsh or whatever. If you have to use sh then launch it first and then do the sudo command.

    hth
  • RSully Level 1 (40 points)
    no, it is SH.. i need to do:
    sudo sh ascent.sh

    It does it even if i just type:
    sudo

    I might just end up turning the root account on... But I really would HATE to do that, it is a server. I dont want to worry about securlty..

    If anyone knows how to fix:
    sudo: can't open /private/etc/sudoers: Permission denied

    then please help me!!!

    For some reason it seems like the System cant read the file..
    I made sure it was 0440 (permissions)...

    I wil check it again, but if it is anything other than 0440 it yells at me...
  • RSully Level 1 (40 points)
    bumped pleasehelp me!!
  • Mark Jalbert Level 5 (4,630 points)
    I'm going to watch football but in the mean time post the following command and the output it produces.

    ls -le /private/etc/sudoers

    Be back some time tonight.
  • RSully Level 1 (40 points)
    i cant do nothing intill wednsday
  • RSully Level 1 (40 points)
    here:
    Sully:~ ryansully11$ ls -le /private/etc/sudoers
    -r--r----- 1 root wheel 1155 Jan 21 12:40 /private/etc/sudoers
  • Mark Jalbert Level 5 (4,630 points)
    Check the permissions on /usr/bin/sudo. Is the SUID bit set?

    What happens when you type- sudo -s and enter your admin password? Will this produce a root shell?
  • RSully Level 1 (40 points)
    it makes no diff... even with the "-s" i get:

    Sully:~ ryansully11$ sudo
    sudo: can't open /private/etc/sudoers: Permission denied
    Sully:~ ryansully11$ sudo -s
    sudo: can't open /private/etc/sudoers: Permission denied
    Sully:~ ryansully11$


    how do i check SUID?
  • brainslice Level 2 (410 points)
    To check the SUID bit, do the following....

    ls -l /usr/bin/sudo

    This should give you..
    "-r-s--x--x 1 root wheel 206K Sep 23 22:29 /usr/bin/sudo"
    Which corresponds to numeric permissions of 4511.

    Also try to do...

    sudo -V

    and see if it spits out anything. Mine reports "Sudo version 1.6.8p12"

    I did some digging around and it looks like maybe your sudo binary got jacked up somehow.
  • RSully Level 1 (40 points)
    Sully:~ ryansully11$ ls -l /usr/bin/sudo
    -r-s--x--x 1 root wheel 211232 Sep 23 22:29 /usr/bin/sudo
    Sully:~ ryansully11$


    there.
    and:
    Sully:~ ryansully11$ sudo -V
    Sudo version 1.6.8p12
    Sully:~ ryansully11$


    anyother ideas?
    what IF it got "jacked" any help please?

    I got Mac Leopard, with all updates (that i know of)
  • Mark Jalbert Level 5 (4,630 points)
    Use this command to check if you are a member of the group admin-

    dsmemberutil checkmembership -u $(id -u) -g 80
  • RSully Level 1 (40 points)
    Sully:~ ryansully11$ dsmemberutil checkmembership -u $(id -u) -g 80
    user is a member of the group
    Sully:~ ryansully11$


    ok, so i AM admin--

    also, incase it matters: I first started noticing this problem after I connected to my computer with SSH on the local network- not from away)
  • Mark Jalbert Level 5 (4,630 points)
    Oh boy!

    I'm not sure where to go from here. We could go on probing parts of the operating system but we are dealing with a server. It might be time to pull the plug, clone the present OS, and build the server from the ground up. You could then explore the clone for signs of intrusion.

    Message was edited by: Mark Jalbert
Previous 1 2 3 Next