Gain Root Access to remote Server with sudo, su, and pkexec not working
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I'm running CentOS7 on an old dell box that I repurposed as a home server. I also ssh into it from a remote location to make sure everything is running smoothly, and to do things like rsync my laptop. In other terms, nobody is usually at home to reset the machine if anything goes wrong.
The situation:
Sometime last week, I must have broken something that allows commands like sudo, su, and pkexec to work.
Su won’t accept my root password, sudo gives the error:
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
I tried running something like pkexec /bin/bash, but I got the error:
pkexec must be setuid root
seeing that, I then did:
[crlsmdrn@server ~]$ ls -l /usr/bin/sudo
---x--x--x. 1 root root 143248 Jun 27 13:03 /usr/bin/sudo
So, is there any way to set permissions back to 4755 on sudo so I can get a root shell back remotely without having to reboot the machine?
Thanks
centos permissions terminal sudo root
add a comment |
up vote
1
down vote
favorite
I'm running CentOS7 on an old dell box that I repurposed as a home server. I also ssh into it from a remote location to make sure everything is running smoothly, and to do things like rsync my laptop. In other terms, nobody is usually at home to reset the machine if anything goes wrong.
The situation:
Sometime last week, I must have broken something that allows commands like sudo, su, and pkexec to work.
Su won’t accept my root password, sudo gives the error:
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
I tried running something like pkexec /bin/bash, but I got the error:
pkexec must be setuid root
seeing that, I then did:
[crlsmdrn@server ~]$ ls -l /usr/bin/sudo
---x--x--x. 1 root root 143248 Jun 27 13:03 /usr/bin/sudo
So, is there any way to set permissions back to 4755 on sudo so I can get a root shell back remotely without having to reboot the machine?
Thanks
centos permissions terminal sudo root
Looks like permissions are broken. You can not fix this without root access. Boot to recovery mode and see google.com/amp/s/www.cyberciti.biz/tips/…
– Panther
Dec 7 at 0:27
A reboot won't fix those permissions. A reboot, boot of a rescue disk and changing the perms back to what they were will.
– tink
Dec 7 at 0:28
It sounds as if you have recursively removed permissions as both sudo and pkexec have had their extra permissions revoked. If your disks are not too big, you could search the entire system to see if there are and suid programs left which might give you a way into the system. Usefind / -perm +2000 -type f -ls
and add the output to the question.
– icarus
Dec 7 at 1:25
You were right; it looks like I did accidentally.
– Carlos1001
Dec 7 at 2:16
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I'm running CentOS7 on an old dell box that I repurposed as a home server. I also ssh into it from a remote location to make sure everything is running smoothly, and to do things like rsync my laptop. In other terms, nobody is usually at home to reset the machine if anything goes wrong.
The situation:
Sometime last week, I must have broken something that allows commands like sudo, su, and pkexec to work.
Su won’t accept my root password, sudo gives the error:
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
I tried running something like pkexec /bin/bash, but I got the error:
pkexec must be setuid root
seeing that, I then did:
[crlsmdrn@server ~]$ ls -l /usr/bin/sudo
---x--x--x. 1 root root 143248 Jun 27 13:03 /usr/bin/sudo
So, is there any way to set permissions back to 4755 on sudo so I can get a root shell back remotely without having to reboot the machine?
Thanks
centos permissions terminal sudo root
I'm running CentOS7 on an old dell box that I repurposed as a home server. I also ssh into it from a remote location to make sure everything is running smoothly, and to do things like rsync my laptop. In other terms, nobody is usually at home to reset the machine if anything goes wrong.
The situation:
Sometime last week, I must have broken something that allows commands like sudo, su, and pkexec to work.
Su won’t accept my root password, sudo gives the error:
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
I tried running something like pkexec /bin/bash, but I got the error:
pkexec must be setuid root
seeing that, I then did:
[crlsmdrn@server ~]$ ls -l /usr/bin/sudo
---x--x--x. 1 root root 143248 Jun 27 13:03 /usr/bin/sudo
So, is there any way to set permissions back to 4755 on sudo so I can get a root shell back remotely without having to reboot the machine?
Thanks
centos permissions terminal sudo root
centos permissions terminal sudo root
asked Dec 6 at 23:59
Carlos1001
194
194
Looks like permissions are broken. You can not fix this without root access. Boot to recovery mode and see google.com/amp/s/www.cyberciti.biz/tips/…
– Panther
Dec 7 at 0:27
A reboot won't fix those permissions. A reboot, boot of a rescue disk and changing the perms back to what they were will.
– tink
Dec 7 at 0:28
It sounds as if you have recursively removed permissions as both sudo and pkexec have had their extra permissions revoked. If your disks are not too big, you could search the entire system to see if there are and suid programs left which might give you a way into the system. Usefind / -perm +2000 -type f -ls
and add the output to the question.
– icarus
Dec 7 at 1:25
You were right; it looks like I did accidentally.
– Carlos1001
Dec 7 at 2:16
add a comment |
Looks like permissions are broken. You can not fix this without root access. Boot to recovery mode and see google.com/amp/s/www.cyberciti.biz/tips/…
– Panther
Dec 7 at 0:27
A reboot won't fix those permissions. A reboot, boot of a rescue disk and changing the perms back to what they were will.
– tink
Dec 7 at 0:28
It sounds as if you have recursively removed permissions as both sudo and pkexec have had their extra permissions revoked. If your disks are not too big, you could search the entire system to see if there are and suid programs left which might give you a way into the system. Usefind / -perm +2000 -type f -ls
and add the output to the question.
– icarus
Dec 7 at 1:25
You were right; it looks like I did accidentally.
– Carlos1001
Dec 7 at 2:16
Looks like permissions are broken. You can not fix this without root access. Boot to recovery mode and see google.com/amp/s/www.cyberciti.biz/tips/…
– Panther
Dec 7 at 0:27
Looks like permissions are broken. You can not fix this without root access. Boot to recovery mode and see google.com/amp/s/www.cyberciti.biz/tips/…
– Panther
Dec 7 at 0:27
A reboot won't fix those permissions. A reboot, boot of a rescue disk and changing the perms back to what they were will.
– tink
Dec 7 at 0:28
A reboot won't fix those permissions. A reboot, boot of a rescue disk and changing the perms back to what they were will.
– tink
Dec 7 at 0:28
It sounds as if you have recursively removed permissions as both sudo and pkexec have had their extra permissions revoked. If your disks are not too big, you could search the entire system to see if there are and suid programs left which might give you a way into the system. Use
find / -perm +2000 -type f -ls
and add the output to the question.– icarus
Dec 7 at 1:25
It sounds as if you have recursively removed permissions as both sudo and pkexec have had their extra permissions revoked. If your disks are not too big, you could search the entire system to see if there are and suid programs left which might give you a way into the system. Use
find / -perm +2000 -type f -ls
and add the output to the question.– icarus
Dec 7 at 1:25
You were right; it looks like I did accidentally.
– Carlos1001
Dec 7 at 2:16
You were right; it looks like I did accidentally.
– Carlos1001
Dec 7 at 2:16
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
I was able to reset permissions on sudo without rebooting into rescue mode! This is what I did:
Thankfully, systemd was still allowing me to restart daemons because it was authenticating via polkit.
So, I made a unit file in my home directory containing:
/home/crlsmdrn/sudo-reset.service:
[Unit]
Description=reset sudo
[Service]
Type=oneshot
ExecStart=/home/crlsmdrn/sudo-reset.sh
[Install]
WantedBy=multi-user.target
I then made a file named sudo-reset.sh.
/home/crlsmdrn/sudo-reset.sh:
#!/bin/sh
chmod 4755 /usr/bin/sudo
Then:
[crlsmdrn@server ~]$ chmod +x /home/crlsmdrn/sudo-reset.sh
Followed by enabling and running the service:
[crlsmdrn@server ~]$ systemctl enable /home/crlsmdrn/sudo-reset.service
[crlsmdrn@server ~]$ systemctl start sudo-reset-service
[crlsmdrn@server ~]$ sudo
usage: sudo -h | -K | -k | -V
usage: sudo -v [-AknS] [-g group] [-h host] [-p prompt] [-u user]
usage: sudo -l [-AknS] [-g group] [-h host] [-p prompt] [-U user] [-u user] [command]
usage: sudo [-AbEHknPS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] [VAR=value] [-i|-s]
[<command>]
usage: sudo -e [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] file ...
I then was able to do sudo -s, then see what permissions were broken by looking back at the bash history; it looks like only /usr/bin got borked, so I ran rpm --setperms -a, which appeared to fix the permissions.
Don't forget to disable the service after doing this.
Moral of the story here: never run chown -R root:root on /usr/bin without expecting things to work the same.
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f486482%2fgain-root-access-to-remote-server-with-sudo-su-and-pkexec-not-working%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
I was able to reset permissions on sudo without rebooting into rescue mode! This is what I did:
Thankfully, systemd was still allowing me to restart daemons because it was authenticating via polkit.
So, I made a unit file in my home directory containing:
/home/crlsmdrn/sudo-reset.service:
[Unit]
Description=reset sudo
[Service]
Type=oneshot
ExecStart=/home/crlsmdrn/sudo-reset.sh
[Install]
WantedBy=multi-user.target
I then made a file named sudo-reset.sh.
/home/crlsmdrn/sudo-reset.sh:
#!/bin/sh
chmod 4755 /usr/bin/sudo
Then:
[crlsmdrn@server ~]$ chmod +x /home/crlsmdrn/sudo-reset.sh
Followed by enabling and running the service:
[crlsmdrn@server ~]$ systemctl enable /home/crlsmdrn/sudo-reset.service
[crlsmdrn@server ~]$ systemctl start sudo-reset-service
[crlsmdrn@server ~]$ sudo
usage: sudo -h | -K | -k | -V
usage: sudo -v [-AknS] [-g group] [-h host] [-p prompt] [-u user]
usage: sudo -l [-AknS] [-g group] [-h host] [-p prompt] [-U user] [-u user] [command]
usage: sudo [-AbEHknPS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] [VAR=value] [-i|-s]
[<command>]
usage: sudo -e [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] file ...
I then was able to do sudo -s, then see what permissions were broken by looking back at the bash history; it looks like only /usr/bin got borked, so I ran rpm --setperms -a, which appeared to fix the permissions.
Don't forget to disable the service after doing this.
Moral of the story here: never run chown -R root:root on /usr/bin without expecting things to work the same.
add a comment |
up vote
0
down vote
I was able to reset permissions on sudo without rebooting into rescue mode! This is what I did:
Thankfully, systemd was still allowing me to restart daemons because it was authenticating via polkit.
So, I made a unit file in my home directory containing:
/home/crlsmdrn/sudo-reset.service:
[Unit]
Description=reset sudo
[Service]
Type=oneshot
ExecStart=/home/crlsmdrn/sudo-reset.sh
[Install]
WantedBy=multi-user.target
I then made a file named sudo-reset.sh.
/home/crlsmdrn/sudo-reset.sh:
#!/bin/sh
chmod 4755 /usr/bin/sudo
Then:
[crlsmdrn@server ~]$ chmod +x /home/crlsmdrn/sudo-reset.sh
Followed by enabling and running the service:
[crlsmdrn@server ~]$ systemctl enable /home/crlsmdrn/sudo-reset.service
[crlsmdrn@server ~]$ systemctl start sudo-reset-service
[crlsmdrn@server ~]$ sudo
usage: sudo -h | -K | -k | -V
usage: sudo -v [-AknS] [-g group] [-h host] [-p prompt] [-u user]
usage: sudo -l [-AknS] [-g group] [-h host] [-p prompt] [-U user] [-u user] [command]
usage: sudo [-AbEHknPS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] [VAR=value] [-i|-s]
[<command>]
usage: sudo -e [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] file ...
I then was able to do sudo -s, then see what permissions were broken by looking back at the bash history; it looks like only /usr/bin got borked, so I ran rpm --setperms -a, which appeared to fix the permissions.
Don't forget to disable the service after doing this.
Moral of the story here: never run chown -R root:root on /usr/bin without expecting things to work the same.
add a comment |
up vote
0
down vote
up vote
0
down vote
I was able to reset permissions on sudo without rebooting into rescue mode! This is what I did:
Thankfully, systemd was still allowing me to restart daemons because it was authenticating via polkit.
So, I made a unit file in my home directory containing:
/home/crlsmdrn/sudo-reset.service:
[Unit]
Description=reset sudo
[Service]
Type=oneshot
ExecStart=/home/crlsmdrn/sudo-reset.sh
[Install]
WantedBy=multi-user.target
I then made a file named sudo-reset.sh.
/home/crlsmdrn/sudo-reset.sh:
#!/bin/sh
chmod 4755 /usr/bin/sudo
Then:
[crlsmdrn@server ~]$ chmod +x /home/crlsmdrn/sudo-reset.sh
Followed by enabling and running the service:
[crlsmdrn@server ~]$ systemctl enable /home/crlsmdrn/sudo-reset.service
[crlsmdrn@server ~]$ systemctl start sudo-reset-service
[crlsmdrn@server ~]$ sudo
usage: sudo -h | -K | -k | -V
usage: sudo -v [-AknS] [-g group] [-h host] [-p prompt] [-u user]
usage: sudo -l [-AknS] [-g group] [-h host] [-p prompt] [-U user] [-u user] [command]
usage: sudo [-AbEHknPS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] [VAR=value] [-i|-s]
[<command>]
usage: sudo -e [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] file ...
I then was able to do sudo -s, then see what permissions were broken by looking back at the bash history; it looks like only /usr/bin got borked, so I ran rpm --setperms -a, which appeared to fix the permissions.
Don't forget to disable the service after doing this.
Moral of the story here: never run chown -R root:root on /usr/bin without expecting things to work the same.
I was able to reset permissions on sudo without rebooting into rescue mode! This is what I did:
Thankfully, systemd was still allowing me to restart daemons because it was authenticating via polkit.
So, I made a unit file in my home directory containing:
/home/crlsmdrn/sudo-reset.service:
[Unit]
Description=reset sudo
[Service]
Type=oneshot
ExecStart=/home/crlsmdrn/sudo-reset.sh
[Install]
WantedBy=multi-user.target
I then made a file named sudo-reset.sh.
/home/crlsmdrn/sudo-reset.sh:
#!/bin/sh
chmod 4755 /usr/bin/sudo
Then:
[crlsmdrn@server ~]$ chmod +x /home/crlsmdrn/sudo-reset.sh
Followed by enabling and running the service:
[crlsmdrn@server ~]$ systemctl enable /home/crlsmdrn/sudo-reset.service
[crlsmdrn@server ~]$ systemctl start sudo-reset-service
[crlsmdrn@server ~]$ sudo
usage: sudo -h | -K | -k | -V
usage: sudo -v [-AknS] [-g group] [-h host] [-p prompt] [-u user]
usage: sudo -l [-AknS] [-g group] [-h host] [-p prompt] [-U user] [-u user] [command]
usage: sudo [-AbEHknPS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] [VAR=value] [-i|-s]
[<command>]
usage: sudo -e [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] file ...
I then was able to do sudo -s, then see what permissions were broken by looking back at the bash history; it looks like only /usr/bin got borked, so I ran rpm --setperms -a, which appeared to fix the permissions.
Don't forget to disable the service after doing this.
Moral of the story here: never run chown -R root:root on /usr/bin without expecting things to work the same.
answered Dec 7 at 1:49
Carlos1001
194
194
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f486482%2fgain-root-access-to-remote-server-with-sudo-su-and-pkexec-not-working%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Looks like permissions are broken. You can not fix this without root access. Boot to recovery mode and see google.com/amp/s/www.cyberciti.biz/tips/…
– Panther
Dec 7 at 0:27
A reboot won't fix those permissions. A reboot, boot of a rescue disk and changing the perms back to what they were will.
– tink
Dec 7 at 0:28
It sounds as if you have recursively removed permissions as both sudo and pkexec have had their extra permissions revoked. If your disks are not too big, you could search the entire system to see if there are and suid programs left which might give you a way into the system. Use
find / -perm +2000 -type f -ls
and add the output to the question.– icarus
Dec 7 at 1:25
You were right; it looks like I did accidentally.
– Carlos1001
Dec 7 at 2:16