sudo must be setuid root error already tried everything - linux

I am getting following error while trying to switch to root.
[~]# sudo su -
sudo: must be setuid root
and I have confirmed the permission of sudo file set to correct
[~]# ls -l /usr/bin/sudo
---s--x--x 2 root root 190904 Mar 10 2014 /usr/bin/sudo*
also the user is already wheels group. please help

Please make sure that the user has normal jail access

Related

How to set specific user can run certain root command in redhat

i want to ask for a specific user to use certain root commands in redhat?
my server run redhat OS 7.6. i dont have any idea how to set a user that can run certain commands from root.
let say i have one user id name MY_CIT, so MY_CIT can run certain commands for example to create print queue #lpadmin -p printer -v socket://printer:9100 -E
so MY_CIT no need root access to trigger the command.
Anyone experience on this? kindly help. thanks
You'll be able to use file ACLs. As a test I removed execute permissions from the nano command, just to show how this will work.
You won't need to do this, however, you will need root permissions to the machine. Instead of nano, use 'lpadmin' as per your requirements
[root#server bin]# chmod o-x /bin/nano
[root#server bin]# ls -lah /bin/nano
-rwxr-xr-- 1 root root 202K Jun 10 2014 nano
To test, we change to user1 and try use nano to edit a file:
[user1#server ~]$ nano file1
-bash: /bin/nano: Permission denied
Now, as root again, we add an ACL to the nano program. This allows only user1 to execute the program.
[root#server bin]# setfacl -m u:user1:x /bin/nano
Display ACL with getfacl:
[root#server bin]# getfacl /bin/nano
getfacl: Removing leading '/' from absolute path names
# file: bin/nano
# owner: root
# group: root
user::rwx
user:user1:--x <<-- Note this
group::r-x
mask::r-x
other::r--
As user1, we are able to use the nano program, but not as user2:
[user1#server ~]$ nano file1
[user1#server ~]$ ls
file1
[user1#server ~]$ exit
logout
[root#server bin]# su - user2
[user2#server ~]$ nano file1
-bash: /bin/nano: Permission denied
ACLs allow admins to extend permissions past just user/group/other. You're able to set permissions for specific users on the system.
Run command with a root privilege:
sudo visudo
It opens file /etc/sudoers for edit.
Add this line at the end of the file (and after keep one blank line):
MY_CIT ALL = NOPASSWD: /usr/sbin/lpadmin
where:
MY_CIT - name of your user
/usr/sbin/lpadmin - path to executible file. Note please that in your distro path can be different. You can check this with command whereis lpadmin.
After user can run command lpadmin with arguments with sudo without password:
sudo lpadmin ...

/usr/bin/crontab execution failed: must be privileged to use -u System error: crontab execution error

I want to create a new cronjob via Plesk. After submit the configuration i get the error from my topic.
I have tried chmod and chown to the crontabmng without success.
my crontabmng owner is
root:root and the permission is -rwxr-xr-x
Check for suid bit 's' on /usr/bin/crontab:
# ls -la /usr/bin/crontab
-rwsr-xr-x. 1 root root 57552 Mar 31 2016 /usr/bin/crontab
SOLVED i think with the following:
service psa stopall
chown root.psaadm /usr/local/psa/admin/sbin/wrapper
chmod 4110 /usr/local/psa/admin/sbin/wrapper
chown root.psaadm /usr/local/psa/admin/sbin/mod_wrapper
chmod 4110 /usr/local/psa/admin/sbin/mod_wrapper
and the last step takes some time
service psa start
for now its all running and i get no errors.
hope it helps.

sudo command is not working in ubuntu 14.04

In my machine sudo command is not working and it is giving following message.
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
When I tried
ls -l /usr/bin/sudo it is giving
-rwxr-xr-x 1 'whoami' root 155008 Aug 28 2015 /usr/bin/sudo
It looks like, at some point, someone tried to take over ownership of the sudo executable but used single quotes rather than backticks:
chown 'whoami' /usr/bin/sudo # The wrong way
chown `whoami` /usr/bin/sudo # The right way
chown $(whoami) /usr/bin/sudo # Another right way
Note that I say "right way" but it's probably not something anyone should be doing anyway.
You're going to have to figure out some other way of getting into the root account (such as booting in single user mode) and changing the ownership and permissions back to what they should be:
chown root /usr/bin/sudo
chmod u+s /usr/bin/sudo
After that, it should be back at the correct:
-rwsr-xr-x 1 root root 155008 Aug 28 2015 /usr/bin/sudo

sudo must be setuid root error

I am getting the following error while switching to root user
[~]# sudo su -
sudo: must be setuid root
The current permission of sudo is
[~]# ls -l /usr/bin/sudo
---s--x--x 2 root root 190904 Mar 10 2014 /usr/bin/sudo*
It's may CLOUDLINUX 5.11 x86_64 cPanel live server. Any suggestions on how to fix this?
Try to Enter system with recovery mode.(maybe Esc or Shift when start.)
Then choose the content row with 'root' in recovery menu.
Then:
#mount -o remount,rw /
#chown root:root /usr/bin/sudo
#chmod 4755 /usr/bin/sudo
now, restart...
try:
sudo ls
but if following exception raise:
#sudo: /usr/lib/sudo/sudoers.so must be owned by uid 0
#sudo: fatal error, unable to load plugins
Then you need entering recovery mode again and try:
#chown root /usr/lib/sudo/sudoers.so
restart...
I have fixed it my self. Currently the user is set to jailed shell and now I changed it to normal shell and could switch to root. – Techiescorner

Unable to edit file through sudo permission

I am trying to setup sudo permission for an account to have full access to all files under certain directory.
I have made the following entry in sudoers file
itg ALL= NOPASSWD: /apps/pgm/admin/
The file which I trying to modify and execute under /apps/pgm/admin/ path has the following permssion.
-rwxr--r-- 1 root root 6034 Oct 2 02:00 ptTomcat.ksh
Though I am able to execute the above script through sudo, when I try to edit this file through sudo I am getting the following error
Sorry, user itg is not allowed to execute '/bin/vi /apps/pgm/admin/ptTomcat.ksh' as root
I am running Linux
Any thoughts?
Your user cannot execute '/bin/vi' as root as you haven't added that command to /etc/sudoers for that particular user.
Try something similar to:
itg ALL= NOPASSWD: /bin/vi /apps/pgm/admin

Resources