ReHexx wrote:
ls -l /etc/sudoers
-r--r----- 1 XYZ staff 2299 2 Aug 2015 /etc/sudoers
I can not use Sudo (sudoers is owned by uid 1, should be 0)
The only thing incorrect here is the owner of the file which should be "root" instead of "staff". This file should only be modified by using the "visudo" utility which will always verify the syntax of all entries are correct and will also make sure the file permissions are correct.
I don't recommend ever modifying this file since there is a better way to modify "sudoers" rules which involves creating a new file in "/etc/sudoers.d". Again, you need to use the "visudo" utility for the same reasons you need to use it for the main "sudoers" file. It is much easier to deal with issues with items in "/etc/sudoers.d" than it is to deal with issues in the main "sudoers" file itself.
I have an unknown user called "System" on Macintosh HD since restoring the system a while ago. "System" seems to have root permissons.
Perfectly normal. "system" is one of many system level user/groups macOS requires.
Re-installing Mac Os High Sierra didn't help to let the user "System" disappear. (iMac late 2011)
I don't believe macOS will overwrite any custom configuration files.
Is there a way to change the permissions without erasing the whole system (1 SSD, 1 HD, a lot of data ...)
You just need to change the permission of that "sudeors" file. How to do so is the question. You could try booting into Single User Mode (Command + S) and trying to use the "visudo" command to update the file's permissions. You may need to add a new line to the file so it will have some change to force a save which should involve the utility to check the syntax & permissions.
Once you access the command prompt for Single User Mode, you will need to read the information on the screen which instructs you how to run a file system check using "fsck", followed by remounting the root system volume as read+write. It has been a while since I booted to Single User Mode, but IIRC the commands are (if you don't receive the command prompt after the text on screen stops scrolling by, then press the "Return" key as that will usually cause the command prompt to appear):
fsck -fy /
mount -uw /
You will then need to use the following command to edit the "/etc/sudoers" file the proper way using "visudo" (this command as formatted is only meant for use with Single User Mode):
EDITOR=nano visudo
You should be able to scroll to the end of the file using the down arrow key, then press the "Return" key to create a new empty line. Then press Control + X which will prompt you to confirm you want to save the changes, then it will prompt to confirm the file name. If there are no errors, try rebooting normally to see if you now are able to utilize "sudo". If you still have problems, then maybe there is something wrong with the configuration of that file. On my macOS 13.x, the "sudoers" file is owned by "root". To reboot the computer while in Single User Mode, use the following command:
reboot
Theoretically you should be able to just use:
boot
which should allow macOS to resume booting from Single User Mode into a full boot without restarting, but I prefer the actual full reboot just to be safe.
I can use this mac for every-day-tasks, but I also like to work sometimes with the terminal (learning, git etc.)
and I think it is a security issue too.
Make sure to always have frequent and regular backups of your computer and all external media (including the cloud) which contains important & unique data.
You may want to consider using a Virtual Machine so you can do experimental tasks with an OS hosted within a VM so that you don't accidentally break your main macOS system.
Also, be very careful using any third party utilities like Homebrew to install & manage other command line utilities & apps since Homebrew seems to cause so many people misery since their macOS system configuration files are improperly modified. Plus having some other newer versions of some command line utilities may get macOS confused about which one to use if Homebrew doesn't properly configure the PATH to utilize macOS utilities by default. Again, best to test things out in a VM so verify how things work before making the changes to the main OS you use for every day tasks. Otherwise, be prepared to reinstall & restore from a backup.