Archive for May, 2014

Solution after sudo/su is ruined


Table for linux user/group permission format .

The command “sudo chmod -R 777 /usr” ruined /usr/bin/sudo and /usr/bin/su

After ruined, when “sudo …” is executed, error occurs like

$ sudo
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set


$ su
su: Authentication failure

According to the hints of error, this problem is solved by rebooting computer into a chroot mode, and execute following command

# chmod 4755 /usr/bin/sudo

# chown root:root /usr/bin/sudo # this makes ‘sudo’ owned by root (uid=0)

# chmod u+s /usr/bin/sudo        # this set the ‘setuid’ bit, which is the third character in first triad

Explaination of setuid:

setuid and setgid (short for “set user ID upon execution” and “set group ID upon execution”, respectively)[1] are Unix access rights flags that allow users to run anexecutable with the permissions of the executable’s owner or group respectively and to change behaviour in directories. They are often used to allow users on a computer system to run programs with temporarily elevated privileges in order to perform a specific task. While the assumed user id or group id privileges provided are not always elevated, at a minimum they are specific.


Categories: Alive Tags: , ,