User not in the sudoers file. This incident will be reported

24

11

I need to install a package. For that I need root access. However the system says that I am not in sudoers file. When trying to edit one, it complains alike! How am I supposed to add myself to the sudoers file if I don't have the right to edit one?

I have installed this system and only administrator. What can I do?

Edit: I have tried visudo already. It requires me to be in sudoers in the first place.

amarzaya@linux-debian-gnu:/$ sudo /usr/sbin/visudo 

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for amarzaya: 
amarzaya is not in the sudoers file.  This incident will be reported.
amarzaya@linux-debian-gnu:/$

Sergiy Belozorov

Posted 2010-03-15T22:55:51.580

Reputation: 1 704

4Well, obviously user not(is) the sudoers file. (Typo in title) – Hello71 – 2010-08-25T22:29:50.980

8

You're on the naughty list now - http://xkcd.com/838/

– Aaron Newton – 2012-07-25T22:34:55.050

Answers

18

It would be something of a security hole if you could add yourself to /etc/sudoers without having sudo or root access. Basically then anyone could make themselves root.

Basically you need to ask the administrators of that machine to add you, or to install the package for you, as per the policies of the site.

You should also be sure to use visudo to edit the sudoers file - it checks that the syntax is correct before writing the file. And you can use editors other than vi with visudo. It will by default use whatever you have set as $EDITOR and if you don't have it set you could do

# EDITOR=nano visudo

to use the nano editor instead.

Hamish Downer

Posted 2010-03-15T22:55:51.580

Reputation: 3 064

5I am the admin, since this is my machine and I have installed this system, but it doesn't help :( – Sergiy Belozorov – 2010-03-15T23:13:34.047

9If it is your system then you should have entered a password for the root user when installing. So login as 'root' and then do the visudo stuff. – Hamish Downer – 2010-03-15T23:19:35.563

Indeed. My fault. I have forgotten that I have entered the password during the installation back then. – Sergiy Belozorov – 2012-01-21T21:11:18.970

25

Login as root and use /usr/sbin/visudo to edit the file and add your username. Normal vi/vim will not be able to edit the file.

The easiest way is to just go down until you see the line "root ALL=(ALL) ALL" and add yourself under that with the same syntax (yourusername ALL=(ALL) ALL). Or, you can read the sudoers manpage if you want to give yourself more specific privileges.

Ricket

Posted 2010-03-15T22:55:51.580

Reputation: 1 406

It requires me to be in sudoers list in the first place in order to run visudo. I have installed this Debian, there no other admin. – Sergiy Belozorov – 2010-03-15T23:12:43.737

If you are logged in as root, you don't need to run sudo visudo; just run /usr/sbin/visudo. But it looks like you already found this out, from the other answer's comments. – Ricket – 2010-03-15T23:32:26.717

isn't enough to add the respective user to the "sudo" or "sudoers" (depending on the distro) group? Sadly in my case, it didn't work, but I could swear this used to work...? – Gregor – 2016-11-10T22:27:22.570

5

Just typed the command:

$ su

And asked for the password "root". Typed and boom... It worked!

This problem was my mistake. Due to be back at the facility at the time I created the username and password.

Carlos Trisotto

Posted 2010-03-15T22:55:51.580

Reputation: 51

Thanks that was really helpful and saved my bacon! But i'm curious why simply adding this command and then the root password, would allow elevated privileges.... seems to rather defeat the purpose of the message "User not in the sudoers file. This incident will be reported" – Sol – 2016-12-02T05:17:11.643

1

Perhaps the easiest way, once you're root, is:

echo 'amarzaya ALL=(ALL) ALL' >> /etc/sudoers

user21655

Posted 2010-03-15T22:55:51.580

Reputation:

7You should be sure to use visudo to edit the sudoers file, rather than edit it directly or echo text to it. This will ensure that it is syntactically correct, and ensure that you don't lock yourself out of access, or grant someone improper access. – pkaeding – 2010-06-15T03:51:54.327

1

If your sudoers file already contains this kind of line 

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

Then, the cleanest way of doing things is probably to grant the admin group to your user. For instance, to add user oracle to the admin group:

usermod -aG admin oracle

Alain Pannetier

Posted 2010-03-15T22:55:51.580

Reputation: 722

That's what I was looking for. For me the cleanest as well, no messing with the sudoers file. – webjunkie – 2012-08-29T12:57:39.330

1The correct command is usermod -g oracle admin – kvanberendonck – 2014-01-04T07:41:53.627

-1: the syntax is usermod -g $group $user. You're probably thinking of the adduser syntax, which is adduser $user $group. – Blacklight Shining – 2014-02-05T16:05:48.983

1…actually, you'll most likely want usermod -aG $group $user. -g sets the user's primary group to the one you specify, and -G without -a will remove the user from groups that are not listed. -g will also change the group ownership of all files owned by the previous group in the user's home directory. So if you're like me and you have your umask set to 007 – Blacklight Shining – 2014-02-05T16:07:48.450

1@BlacklightShining. You're right. The wrong syntax was proposed by a previous commenter and since oracle is often a group as well, there is indeed room for confusion. I shouldn't have "corrected". – Alain Pannetier – 2014-02-05T20:51:53.283

-1

All you need is add your <username> to whell group.

# usermod -aG whell username

Then login with your username and enjoy :)

EFernandes

Posted 2010-03-15T22:55:51.580

Reputation: 149

-1

In case you can still get root access using su, you can use this one-liner to add yourself to /etc/sudoers/:

su -c 'echo $USER ALL=(ALL)ALL >> /etc/sudoers'

To activate the change, log out and in again. For example end your the X Session or log out via shell enter exit.

Bengt

Posted 2010-03-15T22:55:51.580

Reputation: 99

-1: see pkaeding's comment.

– Blacklight Shining – 2014-02-06T15:31:51.433

-1

If you cannot use the sudo command, then you can use the following method:

  1. Press Ctrl+Alt+F1
  2. Log the user out if the user is not root
  3. Log in as root
  4. Use root privileges
  5. Log out (exit) – Ctrl+Alt+F7 to get to the GUI

user3113604

Posted 2010-03-15T22:55:51.580

Reputation: 1

-1: This only works in some local environments that actually have a GUI. – Blacklight Shining – 2014-02-06T15:20:48.867

-3

Sign in using the following first:

$ su

Then go ahead with:

$ sudo apt-get update

or whatever as normal

Alastair

Posted 2010-03-15T22:55:51.580

Reputation: 1

1you don't need su - sudo does this. – Simon Sheehan – 2011-12-02T21:01:09.650

They are not quite the same thing actually. sudo is 'do as super user', but you login with your user's password. su is 'switch user', and by default (without arguments) it attempts to switch to the root user, in which case you need to enter the root password. But you are also correct - using sudo after su is redundant, since you would already be the root user. – Aaron Newton – 2012-07-25T22:39:11.287

@aaron.newton I would actually read it as Switch User and DO; you can pick any user to run the command as with the -u flag. It is mostly used for root, but so is su. – Blacklight Shining – 2014-02-06T15:23:37.380

@aaron.newton I would actually read it as Switch User and DO; you can pick any user to run the command as with the -u flag. It is mostly used for root, but so is su. – Blacklight Shining – 2014-02-06T15:23:37.133

Asked: 2010-03-15T22:55:51.580

Viewed: 194 656 times

Active: 2017-04-26T09:58:41.747