/etc/sudoers的權限必須是0440,錯誤修改成0777后導致sudo命令無法使用。
xxx@yyy:~$ sudo more /etc/sudoers.d/README
[sudo] password for xxx:
#
# As of Debian version 1.7.2p1-1, the default /etc/sudoers file created on
# installation of the package now includes the directive:
#
# #includedir /etc/sudoers.d
#
# This will cause sudo to read and parse any files in the /etc/sudoers.d
# directory that do not end in '~' or contain a '.' character.
#
# Note that there must be at least one file in the sudoers.d directory (this
# one will do), and all files in this directory should be mode 0440.
#
# Note also, that because sudoers contents can vary widely, no attempt is
# made to add this directive to existing sudoers files on upgrade. Feel free
# to add the above directive to the end of your /etc/sudoers file to enable
# this functionality for existing installations if you wish!
#
解決辦法1:如果系統中有root用戶,那么只需要登錄root用戶修改/etc/sudoers文件的權限。
su root
chmod 0440 /etc/sudoers
但如果此時未設置root用戶或密碼,無法登錄root用戶。
解決辦法2:可在普通用戶下通過pkexec命令來修改權限。
pkexec chmod 0440 /etc/sudoers
參考信息:http://askubuntu.com/questions/50704/sudo-error-is-mode-0777-should-be-0440
如果未安裝pkexec命令系統會提醒sudo apt-get install policykit-1,那么此時需要重啟進入GRUB boot里選擇進入Recovery Mode下執行apt-get install policykit-1
在重新返回通常模式下,執行pkexec chmod 0440 /etc/sudoers
xxx@yyy:~$ pkexec chmod 0440 /etc/sudoers
==== AUTHENTICATING FOR org.freedesktop.policykit.exec ===
Authentication is needed to run `/bin/chmod' as the super user
Authenticating as: xxx,,, (xxx)
Password:
==== AUTHENTICATION COMPLETE ===
有時在Recovery Mode下執行apt-get install policykit-1提示W: Not using locking for read only lock file /var/lib/dpkg/lockl。
可以執行Recovery Mode下的dpkg - repair broken packages
參考信息:http://ubuntuforums.org/showthread.php?t=1086473