Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Software - Troubleshooting and Discussion > Mac OS X > sudo Broken!

sudo Broken!
Thread Tools
Mac Enthusiast
Join Date: Feb 2000
Location: Old Dominion University, Norfok, VA
Status: Offline
Reply With Quote
Mar 8, 2002, 06:26 PM
 
HELP! Just recently sudo has been broken under X.1.3 and I can't figure out how to get it back. I think this might be why Duality hasn't been working for me. When I opened the Terminal this is what it gives me:

---------------------------------------------------
login: setgroups: Operation not permitted
Welcome to Darwin!
[localhost:~] ian% sudo
Sorry, sudo must be setuid root.

---------------------------------------------------

How do I fix this sudo problem?! I reinstalled X.1.3 thinking this would fix it but it wouldn't. Any help would be much appreciated! Thanks!
iPond317 | ODU Apple Campus Rep
"Ten years ago down by the lake I sunk my sweet love down to her watery grave." - Hello Again | DMB

Old: Apple IIc, PowerMac 7200/90, iMac Bondi Blue 233, Titanium PowerBook G4 400 - New: MacBook 2.0, iPhone 8GB, AirPort Extreme Gb, iPod 30GB 5th Gen
     
Professional Poster
Join Date: Jul 2001
Location: Dis
Status: Offline
Reply With Quote
Mar 8, 2002, 08:04 PM
 
Originally posted by iPond317:
<STRONG>HELP! Just recently sudo has been broken under X.1.3 and I can't figure out how to get it back. I think this might be why Duality hasn't been working for me. When I opened the Terminal this is what it gives me:

---------------------------------------------------
login: setgroups: Operation not permitted
Welcome to Darwin!
[localhost:~] ian% sudo
Sorry, sudo must be setuid root.

---------------------------------------------------

How do I fix this sudo problem?! I reinstalled X.1.3 thinking this would fix it but it wouldn't. Any help would be much appreciated! Thanks!</STRONG>
A lot of applications won't work if they aren't owned by root. Among others, there are:
top
su
sudo
hdid

You'll have to log in as root (since you don't have access to sudo, and I bet you can't su either), and then type the following in to the command line:

chown root :wheel /usr/bin/sudo

This command will change the owner (chown) to root, and the user group to wheel, of the file /usr/bin/sudo. You'll want to make sure that the owner and group are all set correctly for those other files, too. Here is the pattern from the terminal:
<BLOCKQUOTE><font size="1"face="Geneva, Verdana, Arial">code:</font><HR><pre><font size=1 face=courier>
-r-sr-xr-x <font color = blue>1</font> root wheel <font color = blue>43820</font> Feb <font color = blue>20</font> <font color = blue>02</font>:<font color = blue>00</font> top
-r-sr-xr-x <font color = blue>1</font> root wheel <font color = blue>14704</font> Feb <font color = blue>20</font> <font color = blue>02</font>:<font color = blue>00</font> su
---s--x--x <font color = blue>1</font> root wheel <font color = blue>107608</font> Feb <font color = blue>20</font> <font color = blue>02</font>:<font color = blue>00</font> sudo
-r-xr-xr-x <font color = blue>1</font> root wheel <font color = blue>58600</font> Feb <font color = blue>20</font> <font color = blue>02</font>:<font color = blue>01</font> hdid
-r-sr-xr-x <font color = blue>1</font> root wheel <font color = blue>15028</font> Feb <font color = blue>20</font> <font color = blue>02</font>:<font color = blue>00</font> scselect
</font>[/code]

These are only the files that I know that need to be owned by root (they're called setuid root). There are likely others that need to be owned by root to, so I just set root as the owner for all of /usr except /usr/local/ which is owned by an admin.

FYI, hdid is essential for disk copy to mount .dmg files if you were having problems with that, and scselect is essential for switching locations, if you were having problems with that.

BlackGriffen
I do not feel obliged to believe that the same God who has endowed us with sense, reason, and intellect has intended us to forgo their use. -Galileo Galilei, physicist and astronomer (1564-1642)
     
Mac Elite
Join Date: May 1999
Location: San Jose, CA
Status: Offline
Reply With Quote
Mar 8, 2002, 08:05 PM
 
It sounds like the file mode for sudo has been changed somehow. sudo needs to be 'setuid root' so that it can run as root when executed by other users.

Try the following:

ls -l /usr/bin/sudo

You should see something like:

---s--x--x 1 root wheel 107608 Dec 20 17:47 /usr/bin/sudo

If you don't (i.e. you see ---x--x--x or similar in the file modes) you'll need to:

su -
&lt;enter root password&gt;
chmod 4111 /usr/bin/sudo

This will change the file modes on /usr/bin/sudo to the right permissions.
Gods don't kill people - people with Gods kill people.
     
Clinically Insane
Join Date: Nov 1999
Status: Offline
Reply With Quote
Mar 8, 2002, 09:30 PM
 
You've been messing with the permissions, haven't you? Let me guess: Classic won't run either.

Anyway, that's the issue (and it's why you shouldn't be touching the permissions on Apple-installed stuff in the first place). Since you can't use sudo and probably can't use su, you'll need to log in as root for this. If you never enabled root login in NetInfo, you might not even be able to do that now, in which case you'll have to boot into single-user mode.

Either way, once you get this done, there are two commands you have to run, just to make sure.

The first is chown root:wheel /usr/bin/sudo. You should also do this for /usr/bin/top, /usr/bin/su, /usr/bin/hdid, and /usr/bin/scselect.

The second is chmod 4111 /usr/bin/sudo. But only do this on that one particular file. For the others I mentioned, use 4555 instead of 4111. That will make those files match the nice Terminal pattern that BlackGriffen posted.
You are in Soviet Russia. It is dark. Grue is likely to be eaten by YOU!
     
Grizzled Veteran
Join Date: Oct 2000
Location: Netherlands
Status: Offline
Reply With Quote
Mar 9, 2002, 08:33 AM
 
Originally posted by Millennium:
<STRONG>You've been messing with the permissions, haven't you? Let me guess: Classic won't run either.

Anyway, that's the issue (and it's why you shouldn't be touching the permissions on Apple-installed stuff in the first place). Since you can't use sudo and probably can't use su, you'll need to log in as root for this. If you never enabled root login in NetInfo, you might not even be able to do that now, in which case you'll have to boot into single-user mode.</STRONG>
Luckily for him, this is not the case. NetInfo changes the root password * into whatever you specify, and doesn't need any other tools for that. I believe it still works with the "Old" authentication stuff, so it is not dependant on the "Trampoline" which should be setuid and which in his case is probably broken aswell.

Suggestion. If you find more then one broken command. Back up your Users folder (Use CCC or something. There is more than enough on versiontracker) and reinstall from scratch. I know it is a lot of trouble but else you are going to keep running into things that wont work for you.

DJ

Derk-Jan Hartman, Student of the University Twente (NL), developer of VLC media player
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 10:10 AM.
All contents of these forums © 1995-2015 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2015, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2