and is greeted with <\/p>\n\n\n\n What happened? I had access before? Bob thinks to himself. Seems like I am not in the wheel group anymore. Bob being a smart person decides to attempt recovery mode. He’ll boot up and just readd his user to the wheel group.<\/p>\n\n\n\n Recovery mode starts up and then fails due to the root account being locked. What?!<\/p>\n\n\n\n Bob then starts talking to himself as he is in need of some expert advice. What other options do I have. I know! He runs to find his handy dandy Live Fedora pen drive. Plugs it in and boots up into a live version of Fedora. Now I can mount and access the main drive.<\/p>\n\n\n\n But wait, I can’t run “usermod -G wheel bob” because that will only affect the Live System. I could chroot into the drive. That would require mounting some extra mount points. Is there a faster way? We could maybe edit the \/etc\/group and add “wheel:x:10:bob”. That should add bob back to the wheel group. Right?<\/p>\n\n\n\n Wait, what about the sudoers file. We are normally supposed to use “sudo visudo” command to modify the file. Let’s check the file and see if we can just manually edit it.<\/p>\n\n\n\n Hmm, okay I am going to need to change permissions to save the file. Let’s chmod that to 644 temporarily <\/p>\n\n\n\n Alright now I should be able to edit it.<\/p>\n\n\n\n Okay, now I need to explicitly give myself permission to use sudo. Where is that line. Ah-ha!<\/p>\n\n\n\n Lets duplicate that with yy and p, replace root with my username.<\/p>\n\n\n\n Save that with esc then :wq enter<\/p>\n\n\n\n Now change the file permissions back<\/p>\n\n\n\n Reboot the system and now lets login and test sudo. <\/p>\n\n\n\n Success! <\/p>\n\n\n\n Bob, satisfied that the problem is resolved, rewards himself by getting a sandwich.<\/p>\n\n\n\n <\/p>\n\n\n\n <\/p>\n\n\n\n https:\/\/docs.fedoraproject.org\/en-US\/quick-docs\/root-account-locked\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" Bob has a computer running Fedora. When he installed Fedora he didn’t setup the root password and locked the root account. That is best practice. Right? Then one day he goes to upgrade to the latest version of Fedora and … Continue reading ![\"\"](\"https:\/\/www.incredigeek.com\/home\/wp-content\/uploads\/2022\/05\/image-4.png\")
<\/a>$ stat -c \"%n %a\" \/etc\/sudoers\n\/etc\/sudoers 440\n$<\/pre>\n\n\n\n
<\/a>$ sudo chmod 644 \/etc\/sudoers <\/pre>\n\n\n\n
$ sudo vi \/etc\/sudoers<\/pre>\n\n\n\n
root \u00a0\u00a0\u00a0ALL=(ALL) \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ALL<\/pre>\n\n\n\n
root \u00a0\u00a0\u00a0ALL=(ALL) \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ALL\nbob \u00a0\u00a0\u00a0\u00a0ALL=(ALL) \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ALL<\/strong><\/pre>\n\n\n\n
sudo chmod 400 \/etc\/sudoers<\/pre>\n\n\n\n
$ sudo whoami \nroot<\/pre>\n\n\n\n
sudo make me a sandwich<\/pre>\n\n\n\n