0

I'm using Ubuntu 16.04 LTS. In the terminal I was in the htdocs/project folder and I have run this command to change permission of current folder:

asus@asus-X541UJ:~/Bureau/htdocs/project$ sudo chmod -R 777 /

After many of texts were appeared in the terminal , sudo command isn't working anymore.

sudo: /etc/sudoers is world writable
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
karel
  • 114,770
hous
  • 225
  • 2
    This is because you did a 777 recursively on the entire disk. You actually changed all the permissions on the entire system (ALL folders, ALL files, ALL programs), and that is going to be a HUGE problem. You've basically torched the permissions on your entire system with that sudo chmod -R 777 / since that changes permissions on every single file on the disk. Hopefully you can back up the information you want to keep and then reinstall, because youo're going to have a hell of a time getting a lot of apps to run (including sudo itself), and SSH keys won't work right either. – Thomas Ward Sep 12 '18 at 15:33
  • 2
    @ThomasWard "Hopefully you can back up the information you want to keep and then reinstall," you mean that I must reinstall ubuntu from the beginning ? – hous Sep 12 '18 at 15:42

1 Answers1

-2

You did something really wrong: you gave everyone the power to modify the root directory and all of its subdirectories (there included /etc and /etc/sudoers*).

For this reasons sudo will refuse to run. From the friendly manual:

            To help prevent the editing of unauthorized files, the following restrictions are enforced unless explicitly allowed by the security policy:

             ·  Symbolic links may not be edited (version 1.8.15 and higher).

             ·  Symbolic links along the path to be edited are not followed when the parent directory is writable by the invoking user unless that user is root (version 1.8.16 and higher).

             ·  Files located in a directory that is writable by the invoking user may not be edited unless that user is root (version 1.8.16 and higher).

If you have root's password, please use su - to become root and fix back the permissions.

Otherwise you need to reboot the machine with init=/bin/sh, remount the / file system as rw (read-and-write) and, again, fix all those permissions. That can be tedious and error prone, indeed, but it's still possible.

As root you can start with:

find / -type d -maxdepth 1 -exec chmod -vc go-w {} \; chmod -vc 440 /etc/sudoers

EnzoR
  • 1,717
  • 4
    Note that it's not possible to just 'fix the permissions' from this type of recursive 777 - the only way to really 'fix' those permissions is to reinstall the system and then not screw up and run a recursive 777 on the entire system again. *This is because MANY things are going to be obscenely broken by this permissions change that happened, not just sudo.* – Thomas Ward Sep 12 '18 at 15:37
  • @ThomasWard It's possible, indeed. It's a nightmare, but still possible. You do it manually, file by file, directory by directory. Yes, it could be a completely fucked up system. – EnzoR Sep 12 '18 at 15:39
  • 1
    I have to agree with @ThomasWard It will be quite tedious to go through each and every system files in each folder including files installed by installed applications and first determine what the original permissions were (how does one do that?) and then change them back to the original state. – user68186 Sep 12 '18 at 15:40
  • @Uqbar While you "can" fix it, you can't change it properly in the way that applications will behave again (the only real fix is the reinstallation). Especially since we don't have the 'previous state' of the permissions we can fall back upon. – Thomas Ward Sep 12 '18 at 15:40
  • @user68186 tedious != impossible. And if you have to fix a system you screwed up, than it's mandatory. – EnzoR Sep 12 '18 at 15:41
  • And also, if the OP never enabled the root account, there is no root password, so they won't be able to easily restore access to the system. Which means they're stuck at the "Probably faster to reinstall" step again. – Thomas Ward Sep 12 '18 at 15:41
  • @ThomasWard My answer is based on the exposed facts, not on assumptions. Indeed, the situation is quite complex. Yet useful to show how to go to a fucked up system and fix it. The alternative you are thinking about is: you cannot fix it. Which isn't true. – EnzoR Sep 12 '18 at 15:43
  • 1
    Not going to have this argument here. TL;DR, "tedious" without you explaining exactly what permissions go where and how OP is supposed to actually reset the permissions means that you don't give them the means to do it, and such recommendations in your answer are basically "Yeah you can restore it" but not giving them the means to do so. And judging that the user ran the command they did, they don't really know what permissions to reset. Therefore, the point I was trying to make still stands. (If you wish to continue this argument you can try to in chat, no guarantee I'll reply though) – Thomas Ward Sep 12 '18 at 15:45
  • 1
    To find the permissions of all the files that is screwed up. First build an identical system similar to the one screwed up. Then compare permission of each file from the new system with the screwed up system. Change as needed when you find a discrepancy. Sure, not impossible, but you need a second computer and endless time. – user68186 Sep 12 '18 at 15:45
  • @user68186 Ubuntu uses a pretty simple schema for file permissions. Using a reference system is another option. That system is recoverable without the need of a reinstallation. Unless you are lazy. – EnzoR Sep 12 '18 at 15:48
  • Then please list all the commands needed to fix it including specific commands needed for each file. Calling someone lazy is abusive and against the code of conduct of this site. – user68186 Sep 12 '18 at 15:52
  • "Unless you are lazy" means "Unless someone is lazy". Not you in person, @user68186! – EnzoR Sep 12 '18 at 15:59
  • Please, ask more people to downvote my answer. It's really funny. – EnzoR Sep 12 '18 at 16:00
  • 1
    @user68186 Permissions could be saved and restored using getfacl -R and setfacl --restore but that's still no guarantee and you would need a 2nd system with the exact same set of files. Unlikely. I'd also suggest to backup personal data and then reinstall. – PerlDuck Sep 12 '18 at 16:19
  • @PerlDuck Thanks! The issue is then building a second system with exactly the same set of files. – user68186 Sep 12 '18 at 16:37