User profile for user: sdschramm
sdschramm Author
User level: Level 3
525 points

How do I reset "sudo" - I am the admin!

Well, long story short, I was trying to fix something, and was doing pretty good, but in the process, I apparently messed up my "sudo file" as whenever I use sudo in the terminal I get:

sudo: parse error in /etc/sudoers near line 0
sudo: no valid sudoers sources found, quitting


So, is there anyway to "reset" that file? I am the administrator and have the passwords, so I'm not trying to hack anything....just fix my system.

Thanks,
Scott

13" MacBook Pro/4GB RAM/320GB HD - 500MHz iBook G3/640 RAM/160GB HD/WiFi, Other OS, OS X 10.6 Snow Leopard on the MacBook Pro, and OS X 10.4.11 Tiger on the iBook

Posted on Sep 29, 2009 6:59 PM

Reply
10 replies
User profile for user: sdschramm
sdschramm Author
User level: Level 3
525 points

Oct 5, 2009 12:56 PM in response to red_menace

red_menace wrote:
You don't want just any account to be able to run as the superuser (or another user), so sudo usage is restricted to those that are listed in the sudoers file. The administrator accounts are included in sudoers, but you will need to manually edit it for others.


Ok, so how to I safely and easily add a standard user to that "list" without screwing anything up?
Reply
User profile for user: sdschramm
sdschramm Author
User level: Level 3
525 points

Oct 4, 2009 1:40 PM in response to sdschramm

Got it - I think.

I copied the sudo file that was my mothers iMac. I put it in the same spot on my MacBook, changed the permissions to 440, the owner and group to 0, etc so everything would match up. Terminal no longer gives me the error and prompts for the password, so it is working!

Come to think of it, I could have just used a time machine backup! Oh well.

HOWEVER here is the thing that I still do not understand about SUDO:

I have three accounts on my system. "Admin" is an admin and is used by NO ONE. "Scott" is a standard account that I use as my main account, and "Guest" which is also a standard user and is only used by guests. (I know there is a "guest" feature, however, it erases all the settings and stuff at log out, which means I can't set default programs like Firefox instated of safari, etc.

So my question is, "SUDO" is used for when you need to do something with more permissions then you have, so that is why it asks for your password. However, whenever I've used it, I put in my password, and it always says that I am not in the sudoers file and the incident will be reported.

So whats the point? I still have to login to "Admin" (the admin account) and use the terminal, so whats the point of sudo if I can't use it? I looked about putting my name in the file (which I think is how I got it screwed up in the first place!) but then a lot of people said that you should not do that because it opens up a lot of security concerns.

So, is there something i'm just not understanding here or something?

PLEASE educate me!

Thanks,
Scott
Reply
User profile for user: 2607:fab8::-32__
2607:fab8::-32__
User level: Level 1
10 points

Oct 5, 2009 2:57 PM in response to sdschramm

visudo is what you want to use to edit the file. It has some sanity and syntax checks when editing the sudoers file. I'm not sure if adding an account name directly to the file will work. I've always made whomever would need sudo access and admin and not a standard user. MAC OS doesn't seem to just use the /etc/passwd file alone for authentication. Maybe PAM or some LDAP is what's used. I have yet to dig into MAC authentication just yet 🙂
Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

How do I reset "sudo" - I am the admin!

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up