Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, September 14, 2017 9:36 AM
Hello,
I accidentally messed with visudo and locked myself out from sudo on an Ubuntu Virtual Machine. Isn't there a way to edit that or reset using some automation script, rather than deleting and recreating the whole machine, as described in https://docs.microsoft.com/en-us/azure/virtual-machines/linux/troubleshoot-recovery-disks-portal, which looks a very hard way around?
Thanks, Chris
All replies (8)
Thursday, September 14, 2017 10:08 AM
Try “Reset password” option from the portal and then select "Reset SSH configuration only" option and let us know.
Refer the below article:
/en-us/azure/virtual-machines/linux/troubleshoot-ssh-connection
Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members
Friday, September 15, 2017 7:50 AM
Thank you for the helpful answer but nope, it didn't fix my issue, I still got syntax error in /etc/sudoers and can't sudo.
Saturday, September 16, 2017 9:48 AM
Could you share the syntax error along with screenshot.
Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members
Monday, September 18, 2017 9:00 AM
>>> /etc/sudoers: syntax error near line 31 <<<
sudo: parse error in /etc/sudoers near line 31
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
I can't upload images (yet) due to the forum policy. Anyway, any attempt to use sudo renders the error above.
Obviously I can't investigate the line 31 of the file as my users has no rights to it and ... it cannot sudo :)
I should have probably changed the root's password to something I know and now I could use su, but it was to easy just to start messing around with sudo...
Or perhaps is there away to change root password of an existing machine using Azure portal?
Thanks, Chris
Wednesday, September 20, 2017 12:45 PM | 1 vote
I would suggest you to check the steps mentioned in the below documents:
/en-us/azure/virtual-machines/linux/using-vmaccess-extension
Also, refer the below links related to root password:
https://serverfault.com/questions/680460/how-to-reset-root-password-on-a-linux-vm-on-windows-azure
https://stackoverflow.com/questions/24313562/root-login-ubuntu-vm-on-azure
Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members
Monday, October 9, 2017 9:14 PM
Thank you for valuable tips. My case is now solved.
FYI, the recipes from /en-us/azure/virtual-machines/linux/using-vmaccess-extension didn't really help against the case of broken /etc/sudoers file, as you can't reset root user password this way and newly created sudo users still could not sudo.
BUT
I followed the links to the reference of Azure CLI and managed to fix my case using this:
az vm run-command invoke -g <res> -n <vm> --command-id RunShellScript --scripts "..."
For example you can copy and move files between locations on the target machine and change their permissions. Well, you can do basically anything with this, because those --scripts are apparently run in the root context on the target machine. Hurray for Azure.
Thank you guys for your help!
Tuesday, October 10, 2017 8:23 AM
Awesome :)Glad to know issue got resolved and Thank you for sharing the information as this might help other users.
Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members
Saturday, October 14, 2017 11:08 AM
Yep. Any problem with sudoers should by solvable by
az login
az vm run-command invoke -g <res> -n <vm> --command-id RunShellScript --scripts "chmod 446 /etc/sudoers"
<log in as regular user and edit /etc/sudoers out>
az vm run-command invoke -g <res> -n <vm> --command-id RunShellScript --scripts "chmod 440 /etc/sudoers"
I think it's useful as there are other threads on this forum that advise reinstantiating the virtual machine. I reckon this is much cheaper way, at least for simple cases as mine.