sudo broken in catalina

The problem is not with the read-only partition, but is a problem that has existed since, at least, 2017.

With the upgrade to Catalina, the original sudoers file is replaced by a stock file.

(Verify if you have a directory linked on your desktop saying "Relocated Items", you will find your original file in the "Relocated\ Items/Configuration/private/etc/sudoers" ).

If you comment out the group rules (lines starting with %), the problem should be solved.

More details at https://discussions.apple.com/thread/7906178

The operative is "all previous versions" -- but Catalina is very different. The / file system is a read-only partition now and has a special Data area that keeps the stuff that needs to remain modifiable. See the discussion at https://www.macobserver.com/analysis/macos-catalina-protects-os-read-only-volume/ and many other places (just use your favorite search engine and search for "catalina read only partition".

Might want to look over the Catalina review at ArsTechnica.com also at https://arstechnica.com/gadgets/2019/10/macos-10-15-catalina-the-ars-technica-review/ and the discussion of the read only system volume at Catalina’s read-only system volume

Security considerations have taken over a lot of what used to be OK to modify.

Good luck...

There should already be an entry for all "admin" users in the "wheel" group to be able to issue "sudo" command.

Perhaps try a "safe" boot and see if that helps.

The problem is the read-only / file system in many/most/all cases.

There is a very limited way to modify / by using something called "synthetic" links -- see "man synthetic.conf" for more info. But all that does is allow you to create links in the /System/Volumes/Data folder to other places in the "read-only" portion of the file system. Not quite the same as having a writable / filesystem. And it requires a reboot to make the change take affect, so not something that is especially convenient.

This sort of fundamental change to the way you use/administer a mac system is really quite a bothersome situation to me and would guess many other people who are used to being able to modify your own system without the OS putting up roadblocks to what you want to change to fit your own preferences. But those days are over it would seem, and I'm guessing maybe it might be time to look into using Mac systems with another operating system in some situations, like Linux or ??? That will be a very sad day, indeed, but certainly a possibility.

Good luck...

kcwoodfield wrote:

How do you change the sudoers file when you aren't a sudoer? Below is what I get when I try to alter /etc/sudoers:

<username> is not in the sudoers file. This incident will be reported.

You don’t.

You need be an admin user.

If you have no admin user, or forgot your admin user login, follow the existing discussions of how to recover from that; you’ll have to break into macOS, and how to do that varies by Mac and by version of macOS.

Thanks @abismo, in my case the "Relocated Items" folder had my pre-Catalina sudoers file in it, and it was a matter of manually bringing over the lines I needed into Catalina's via visudo.

Not sure why the Catalina upgrade don't merge that file automatically, I speculate b/c it could be considered a higher risk?

Regardless, thanks for the tip, that sorted me out.

You could always add yourself to the sudoers file.

cmd: sudo visudo

username ALL = (ALL) ALL

mat163 wrote:

sudu nano /etc/hosts

This command as written is incorrect.

How do you change the sudoers file when you aren't a sudoer? Below is what I get when I try to alter /etc/sudoers:

<username> is not in the sudoers file. This incident will be reported.

Ah. I'm on a work machine and thought I had access so I'll ping the admin here. it's annoying the sudoers file was removed/moved... tx

sudo visudo

Password: <enter your password>

Modify and save and exit vi (e.g: wq!)

This does not work in Catalina, due to readonly filesystem