(SOLVED) Default sudoers openhab

rad1xs · September 3, 2018, 1:31pm

Hello!

I need a default openhab sudoers, the task of an error when modifying sudoers, so now I can not modify any file with sudo.

>>> /etc/sudoers: syntax error near line 28 <<<
sudo: parse error in /etc/sudoers near line 28
sudo: no valid sudoers sources found, quitting

My mistake!!!

halloween · September 3, 2018, 2:47pm

Here is my openhabcontrol file in /etc/sudoers.d folder:

It´s already modified by me.

Cmnd_Alias SHUTDOWN_CMDS = /sbin/poweroff, /sbin/halt, /sbin/reboot, /bin/systemctl restart openhab2.service, /bin/systemctl start openhab2.service, /bin/systemctl stop openhab2.service
Cmnd_Alias UPDATE_COMMANDS = /usr/bin/apt-get
Cmnd_Alias OTHER_COMMANDS = /bin/bash /bin/echo, /usr/bin/curl, /bin/grep, /bin/sed, /bin/echo, /usr/sbin/arping

openhab ALL=(ALL) NOPASSWD: SHUTDOWN_CMDS, UPDATE_COMMANDS, OTHER_COMMANDS

But why don´t you simply remove the file? Then the error is gone? On a new installation, sudoers.d folder is empty?

Edit:
Oh, now i have read the posting again, you want to have the sudoers-file, not the own file in the sudoers.d folder…

Here is mine from debian-installation:

#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults	env_reset
Defaults	mail_badpass
Defaults	secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root	ALL=(ALL:ALL) ALL

# Allow members of group sudo to execute any command
%sudo	ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

rlkoshak · September 4, 2018, 6:48pm

You are in a load of trouble.

Always edit sudoers using visudo. That checks for errors and rejects the file if there are problems.

The easiest thing is if you have another Linux computer. You can then mount the SD card’s file system and edit the file using visudo. So if you mount the SD card to /media then you would run sudo visudo -f /mnt/etc/sudoers. Even though this isn’t a live sudoers file visudo will still check for syntax errors.

You will not be able to replace, modify or otherwise replace the broken visudoers file on your running system because it will require sudo to do so. As long as there is a syntax error no user has access to sudo anymore.

rad1xs · September 5, 2018, 12:51pm

Yes! my mistake, but I prefer “nano”. (I know the consequences …)

My solution was to put SD-Card in another system with the Linux live version and edit the file.

rlkoshak · September 5, 2018, 2:39pm

You can configure visudo to use nano.

You should never edit sudoers without using visudo.

rad1xs · September 5, 2018, 8:54pm

… thanks a lot!!!

I will check!

dastrix80 · July 11, 2019, 4:50am

Hi All

Im trying to get openhab to run a command to shutdown a windows system. I believe i need to edit the visudo file but not sure what with

sudo net rpc shutdown -I 192.168.1.4 -U user%password is what I want to run…

Any suggestions?

rlkoshak · July 11, 2019, 2:33pm