LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-23-2016, 12:53 PM   #1
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 5,484
Blog Entries: 16

Rep: Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251
Can't see contents of /etc/sudoers in visudo, yet vi shows it clearly


I'm fooling around with a new, very skeletal NuTyX system, doing various configuration jobs. I hope eventually to have it fully operational. But I've now come across something that I've never seen before on any Linux system, and I can't find any relevant google articles either.

The system has an /etc/sudoers file which I can view as root; its contents look entirely normal. I can also put it into the vi editor (which, as far as I can see, is the only editor I've got). But when I use visudo, it shows a completely empty file!

I don't want to do any edits of sudoers outside of visudo, so I can't give myself any sudo rights for the time being. I need to know what's going on here.
 
Old 06-23-2016, 01:14 PM   #2
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,607
Blog Entries: 3

Rep: Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851
I've not seen that distro but have you tried telling "visudo" explicitly which file to work on?

Code:
visudo -f /etc/sudoers
Or with a different editor?

Code:
EDITOR=/usr/bin/nano visudo -f /etc/sudoers
 
Old 06-23-2016, 04:18 PM   #3
sgosnell
Senior Member
 
Registered: Jan 2008
Location: Baja Oklahoma
Distribution: Debian Stable and Unstable
Posts: 1,945

Rep: Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536
What files are in /etc/sudoers.d?
 
Old 06-24-2016, 02:25 AM   #4
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 5,484

Original Poster
Blog Entries: 16

Rep: Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251
Quote:
Originally Posted by Turbocapitalist View Post
I've not seen that distro but have you tried telling "visudo" explicitly which file to work on?

Code:
visudo -f /etc/sudoers
Yes, that was the first thing I tried, and it doesn't make any difference. This morning I had another go, trying to move my cursor around inside the file. I can't, so this is a genuinely empty file that visudo gives me, not a file with invisible text (now that really would be weird!).
Quote:
Or with a different editor?

Code:
EDITOR=/usr/bin/nano visudo -f /etc/sudoers
The problem at the moment is that I haven't got another editor, and I won't be able to install one until I get wifi working. Which is another problem, but let's take things one at a time. Actually I don't think this vi that I'm using is really vi at all. I think it's a clone; it looks different. Classic vi doesn't show you which mode you're in; vim does (but not if you're in command mode). This vi shows the mode all the time, in inverse video.

I've thought up a few more tests, but to do them, I'll first have to back up sudoers to a safe place. I'll report back later. Now I have to walk the dog.

@sgosnell: /etc/sudoers.d is empty.

Last edited by hazel; 06-24-2016 at 02:26 AM.
 
Old 06-24-2016, 06:56 AM   #5
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 5,484

Original Poster
Blog Entries: 16

Rep: Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251
Ok, here's the results of my tests. I started by making a backup copy of /etc/sudoers just in case. I wrote some random data into the empty file that visudo gave me, then wrote it out with :w. There was no warning about bad syntax (there should have been!) but it did not overwrite /etc/sudoers. Where it got filed, I have no idea, but subsequent calls to visudo recovered this file, with my random data in it. I also wrote it out under another name and checked that it contained my data and nothing else. So visudo makes a new file and keeps it separate from the actual sudoers file.

I also tried to load the real file by using ":r /etc/sudoers" inside visudo, but that didn't work either. The file remained empty.
 
Old 06-24-2016, 08:29 AM   #6
sgosnell
Senior Member
 
Registered: Jan 2008
Location: Baja Oklahoma
Distribution: Debian Stable and Unstable
Posts: 1,945

Rep: Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536
/etc/sudoers.d should have at least one file. Usually it's README, which explains this. But I'm not certain your distro requires this. But for most distros using recent versions of sudo, at least one file of some type must be present.

What visudo does is save your changes to sudoers.tmp, and then moves the tmp file to the real sudoers file. You can see this in nano by looking at what is displayed at the bottom, "File Name to Write: /etc/sudoers.tmp". Is /etc/sudoers.tmp present? If so, it's not getting moved for some reason. I've never seen that behavior, but then there are lots of things I've never seen, fortunately.
 
Old 06-24-2016, 11:19 AM   #7
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 5,484

Original Poster
Blog Entries: 16

Rep: Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251
Quote:
Originally Posted by sgosnell View Post
/etc/sudoers.d should have at least one file. Usually it's README, which explains this. But I'm not certain your distro requires this. But for most distros using recent versions of sudo, at least one file of some type must be present.
I don't have such a file in LFS or in Crux either, yet sudo works perfectly well there. I do have a README file in Debian, according to which you only need a file in sudoers.d if you have the "includedir" directive uncommented in sudoers.

Quote:
What visudo does is save your changes to sudoers.tmp, and then moves the tmp file to the real sudoers file. You can see this in nano by looking at what is displayed at the bottom, "File Name to Write: /etc/sudoers.tmp". Is /etc/sudoers.tmp present? If so, it's not getting moved for some reason.
New info: Visudo does create such a file and it contains the actual contents of sudoers. I can view it from another terminal. But what visudo shows at the console is a different file, an empty one. The closing message from visudo mentions "/etc/sudoers.tmp unchanged", but the file is no longer there after visudo exits.

Last edited by hazel; 06-24-2016 at 12:17 PM. Reason: Additional information
 
Old 06-24-2016, 12:14 PM   #8
sgosnell
Senior Member
 
Registered: Jan 2008
Location: Baja Oklahoma
Distribution: Debian Stable and Unstable
Posts: 1,945

Rep: Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536
If the sudoers.tmp file isn't saved, then it can't be moved to sudoers. That would seem to be the issue, but I have no idea why it's not being saved. Nano should save the file, but it's being called by visudo, not directly. You could try running nano from the terminal as root, making a file named /etc/sudoers.tmp, and trying to save it, and see what happens. Not having nano (or visudo) save the tmp file is a puzzlement to me.

Last edited by sgosnell; 06-24-2016 at 12:15 PM.
 
Old 06-24-2016, 12:21 PM   #9
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 5,484

Original Poster
Blog Entries: 16

Rep: Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251
Quote:
Originally Posted by sgosnell View Post
If the sudoers.tmp file isn't saved, then it can't be moved to sudoers. That would seem to be the issue, but I have no idea why it's not being saved. Nano should save the file, but it's being called by visudo, not directly. You could try running nano from the terminal as root, making a file named /etc/sudoers.tmp, and trying to save it, and see what happens. Not having nano (or visudo) save the tmp file is a puzzlement to me.
I told you, I don't have nano yet. This is a very skeletal system. Tomorrow, I'm going to wire up the ethernet port so that I can get some more software downloaded and installed, including wpa_supplicant, vim or nano, and an update for sudo.
 
Old 06-24-2016, 02:07 PM   #10
sgosnell
Senior Member
 
Registered: Jan 2008
Location: Baja Oklahoma
Distribution: Debian Stable and Unstable
Posts: 1,945

Rep: Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536
So what is visudo using for an editor? I guess it uses vi by default, but nano is installed by default on most systems, and I've never seen anything other than nano. But visudo has to use an external editor, it has no capabilities for that on its own.

From the visudo man page:
Quote:
There is a hard-coded list of one or more editors that visudo will use set at compile-time that may be overridden via the editor sudoers Default variable.
...
visudo parses the sudoers file after the edit and will not save the changes if there is a syntax error. Upon finding an error, visudo will print a message stating the line number(s) where the error occurred and the user will receive the “What now?” prompt. At this point the user may enter ‘e’ to re-edit the sudoers file, ‘x’ to exit without saving the changes, or ‘Q’ to quit and save changes. The ‘Q’ option should be used with extreme care because if visudo believes there to be a parse error, so will sudo and no one will be able to run sudo again until the error is fixed. If ‘e’ is typed to edit the sudoers file after a parse error has been detected, the cursor will be placed on the line where the error occurred (if the editor supports this feature).
I don't know if any of this applies to your system, I've never even heard of NuTyX, but perhaps it might be helpful.

Last edited by sgosnell; 06-24-2016 at 02:17 PM.
 
Old 06-25-2016, 12:19 AM   #11
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 5,484

Original Poster
Blog Entries: 16

Rep: Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251
Visudo is hard-wired to use /usr/bin/vi if the EDITOR variable isn't set. I assume that's why it's called visudo. In Debian-based distros it seems to default to nano. I still don't know what causes the problem I ran into, but it seems to be a problem with vi and not just visudo itself. Yesterday, I managed to get an ethernet connection working and installed a lot of stuff including nano. With "EDITOR=nano visudo" everything works normally and I was able to give myself sudo rights.

It annoys me that I still don't have any idea what was going wrong, or indeed how the observed behaviour was brought about.

NuTyX is an unusual distro that was put together using Linux From Scratch. It's mostly binary but with a system of BSD-like ports that can be built locally. It installs without formatting the partition, so you can have any filesystem you like on your root partition, or install to a directory and then bundle it up as an iso image. You can even upgrade by reinstalling over the old image; only the active system directories will be removed and replaced leaving the home tree intact. And you can "net-install" it without using a disc image at all, just a simple bash script run in an existing Linux system. That's what I did. Of course the system you get then is skeletal, but it's fun fleshing it out.
 
Old 06-25-2016, 10:23 AM   #12
sgosnell
Senior Member
 
Registered: Jan 2008
Location: Baja Oklahoma
Distribution: Debian Stable and Unstable
Posts: 1,945

Rep: Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536
So vi is installed on your system? If it is, visudo will certainly use it. I have no idea why it wouldn't work, and I've avoided dealing with vi forever. It's not something I need, and the learning curve is steeper than I'm willing to deal with. YMMV.

According to the NuTyX installation instructions, you can't use any filesystem you like, only the standard Linux filesystem types. It will format the root filesystem to the Linux filesystem of your choice if you select that. I don't believe Linux can run on just any filesystem, only a few. FAT, VFAT, NTFS, etc won't work. This is the same for any Linux distro, there are limits imposed by the Linux kernel.
 
Old 06-25-2016, 10:46 AM   #13
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 5,484

Original Poster
Blog Entries: 16

Rep: Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251Reputation: 3251
Quote:
Originally Posted by sgosnell View Post
So vi is installed on your system? If it is, visudo will certainly use it. I have no idea why it wouldn't work, and I've avoided dealing with vi forever. It's not something I need, and the learning curve is steeper than I'm willing to deal with. YMMV.
I don't like classic vi either, but I like vim and I really love gvim. It's the graphical editor that I use on all my systems, except for programming (when I use geany).
Quote:
According to the NuTyX installation instructions, you can't use any filesystem you like, only the standard Linux filesystem types. It will format the root filesystem to the Linux filesystem of your choice if you select that. I don't believe Linux can run on just any filesystem, only a few. FAT, VFAT, NTFS, etc won't work. This is the same for any Linux distro, there are limits imposed by the Linux kernel.
Well, that's what I meant of course: any Linux filesystem. I wasn't even thinking about NTFS. Though that filesystem thread I started in the Linux General forum has had some posts about using Linux on FAT, which I must say I hadn't previously considered possible. The point I was trying to make here is that most distros have a preferred filesystem (usually ext4) and format the partition you give them to that system before installing the software.
 
Old 06-25-2016, 11:45 AM   #14
sgosnell
Senior Member
 
Registered: Jan 2008
Location: Baja Oklahoma
Distribution: Debian Stable and Unstable
Posts: 1,945

Rep: Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536Reputation: 536
Every distro I've tried gives you an option to format a partition or not. Many do by default, but you can override that.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to edit "sudoers" file using visudo maniac matt Linux - Newbie 11 06-22-2013 08:38 AM
[SOLVED] Changing sudoers file with Visudo briandc Linux - Newbie 6 04-15-2012 08:24 AM
sudoers file and visudo mattydee Slackware 16 12-23-2007 08:50 AM
Help with sudoers file (visudo) jasongunnisthedevil Linux - Security 1 01-20-2006 11:38 PM
visudo lets me edit sudoers but not save ver 3.3.1 suguru MEPIS 4 12-19-2005 06:23 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration