
sudo fails with "... /etc/sudoers: Permission denied" for root but not for user



Hi all,

I have three machines which are updated from sid regularly and are on the
same update level now (especially for the tests).
All 3 machines use the same versions for all common installed packages.
Especially for sudo base* etc.

Two machines run fine but one has a weird problem:

starting sudo as root makes me sad:

pts/3 jazz:root /home/harald # sudo
sudo: can't open /etc/sudoers: Permission denied

but as user I'm lucky:

pts/2 jazz:harald /usr/src % sudo
usage: sudo -V | -h | -L | -l | -v | -k | -K | [-H] [-P] [-S] [-b] [-p
prompt]            [-u username/#uid] -s | <command>

no problem on the other machines.
I already know that /etc/sudoers should have mode 0440:

pts/3 jazz:root /home/harald # ll /etc/sudoers
-r--r-----    1 root     root          417 Oct 12 18:42 /etc/sudoers

also lsattr gives me:

pts/3 jazz:root /home/harald # lsattr /etc/sudoers
----------------- /etc/sudoers

and:

pts/3 jazz:root /home/harald # ll /
[...]
drwxr-xr-x  170 root     root         8192 Oct 13 01:22 etc/
[...]


if starting sudo as user from another sudo I get:

pts/2 jazz:harald /usr/src % sudo sudo
sudo: can't open /etc/sudoers: Permission denied

which is no problem on another machine (even as root):

pts/2 server:root /z/download/xnap # sudo sudo
usage: sudo -V | -h | -L | -l | -v | -k | -K | [-H] [-P] [-S] [-b] [-p
prompt]            [-u username/#uid] -s | <command>


my /etc/sudoers (for testing):

pts/2 jazz:harald /usr/src % sudo cat /etc/sudoers
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#
 
# Host alias specification
 
# User alias specification
 
# Cmnd alias specification
 
# Defaults specification
 
Defaults !env_editor
Defaults editor=/z/bin/e-wait
Defaults root_sudo
 
# User privilege specification
root    ALL=(ALL) NOPASSWD:ALL
%sudo   ALL=(ALL) NOPASSWD:ALL


which has the same effects when only using the last two lines.


What I'm wondering about: I do not see how permission can be denied for
root, but not for a user?

strace gives me:

pts/3 jazz:root /home/harald # strace sudo
[...]
stat64("/bin/zsh", {st_mode=S_IFREG|0755, st_size=427948, ...}) = 0
lstat64("/etc/sudoers", {st_mode=S_IFREG|0440, st_size=417, ...}) = 0
setregid32(0xffffffff, 0)               = 0
setreuid32(0, 0x1)                      = 0
open("/etc/sudoers", O_RDONLY)          = -1 EACCES (Permission denied)
geteuid32()                             = 1
setreuid32(0, 0)                        = 0
write(2, "sudo: can\'t open /etc/sudoers", 29sudo: can't open /etc/sudoers) = 29
write(2, ": Permission denied", 19: Permission denied)     = 19
[...]

On the other systems a strace gives similar results (that means, I
changed all differences in nsswitch.conf etc. to get the same strace),
there are only differences in module load addresses etc. up to the lines
listed above.

I have to say, that this machine was installed from a knoppix-3.3 CD,
which generates a debian system with some knoppix-packages. Then I
purged these packages and installed all packages I have on the other
machines (not exactly, because one is a server and another is a laptop,
but the base system is very similar).
The laptop was installed in a similar way, but using knoppix 3.2.

I tried to find differences between the /etc dirs on all three machines,
but didn't find a significant one.

I then made another test: I replaced the etc on the faulty machine with
the /etc of the laptop, but this didn't change anything.

So I'm lost in space...

This machine has a few other weird behaviours which IMHO come from the
same permission problem. So wajig doesn't work as expected (sometimes)
because wajig uses sudo. Until now I found no other problem not related
to sudo.

Apart from that I don't see any problem.

Does anyone have a clue what's going on here?
Where do you think I should look next?

thanks in advance...
Harald
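
An added example, not part of the original post: the strace above shows sudo opening /etc/sudoers with effective uid 1 and effective gid 0, so this Python sketch applies the classic mode-bit rules for that identity to every path component, not only the file. The names first_denial, perm_class, fake and TREE are hypothetical, and the mode of "/" is an assumption because the post does not list it.

```python
import os
import posixpath
import stat
from types import SimpleNamespace

def perm_class(st, euid, egid, groups=()):
    """Return the single class (owner, else group, else other) whose bits apply."""
    if st.st_uid == euid:
        return "owner", (st.st_mode >> 6) & 7
    if st.st_gid == egid or st.st_gid in groups:
        return "group", (st.st_mode >> 3) & 7
    return "other", st.st_mode & 7

def first_denial(path, euid, egid, groups=(), stat_fn=os.stat):
    """First path component whose mode bits refuse an O_RDONLY open, or None."""
    if euid == 0:
        return None  # root with full capabilities bypasses read/search mode bits
    chain, cur = ["/"], "/"
    for part in path.strip("/").split("/"):
        cur = posixpath.join(cur, part)
        chain.append(cur)
    for comp in chain:
        # The final component needs read; every directory before it needs search.
        need, flag = (4, "r") if comp == chain[-1] else (1, "x")
        st = stat_fn(comp)
        cls, bits = perm_class(st, euid, egid, groups)
        if not bits & need:
            mode = stat.S_IMODE(st.st_mode)
            return comp, "%s class of mode %04o lacks %s" % (cls, mode, flag)
    return None

def fake(uid, gid, mode):
    """Constructed stand-in for an os.stat() result."""
    return SimpleNamespace(st_uid=uid, st_gid=gid, st_mode=mode)

# Constructed stat table. /etc and /etc/sudoers copy the listings in the post;
# the mode of "/" itself is not shown there, so 0755 is an assumption.
TREE = {
    "/": fake(0, 0, stat.S_IFDIR | 0o755),
    "/etc": fake(0, 0, stat.S_IFDIR | 0o755),
    "/etc/sudoers": fake(0, 0, stat.S_IFREG | 0o440),
}

if __name__ == "__main__":
    # Identity taken from the strace: setreuid32(0, 0x1), setregid32(-1, 0).
    print(first_denial("/etc/sudoers", 1, 0, stat_fn=TREE.__getitem__))
```

Leaving out stat_fn runs the same walk against the live filesystem. The check models mode bits only, so an EACCES it cannot reproduce has to come from something other than the listed permissions.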


