Ubuntu Linux Restore admin / root level permissions

Posted on in Categories Tips, Troubleshooting, Ubuntu Linux, User Management last updated November 1, 2007

I was writing and testing few python scripts (yes I’m moving lot of stuff from shell / perl to python these days) and accidentally I renamed my own user account from vivek to test. However, I did not noticed change until I rebooted my box. Now I cannot run sudo (or become a root user) and cannot access special devices such as sound or video.

By default your first account has all power via sudo under Ubuntu Linux. There is a special group called adm and admin which grants unlimited power via sudo.

The only solution was to boot computer in emergency mode (reboot computer and at grub menu select recovery mode kernel), open /etc/group file and add user vivek to admin and adm group:
# vi /etc/group
Add user vivek to admin and adm group:
admin:x:117:vivek
adm:x:4:vivek

Save and close the file.

Now I’m able to run sudo and do other stuff. Luckily, my scripts always backup critical files before modification. So I was able to restore permission instantly. Here is my group membership with all power and glory ๐Ÿ˜‰
$ id
$ groups

Output:

vivek adm dialout cdrom floppy audio dip video plugdev scanner netdev lpadmin powerdev admin

Linux Gnome desktop: Open files as root via a right click (context menu option)

Posted on in Categories Gnome, Howto, Linux, Linux desktop last updated October 2, 2007

Windows XP has a small option called Run as command.. You can add similar option to Linux desktop to open or run file as root via a right click. The following tutorial explains how to add a context menu item that enables a Linux user to open files as the root user when browsing their file system using nautilus. This script feature allows the user to navigate their file system and open or edit any file or directory as the root user of the system. It’s a perfect solution for those that are not completely comfortable using terminal commands.

=> How to open files as root via a right click

nixCraft FAQ Roundup April 27, 2007

Posted on in Categories FAQ last updated April 27, 2007

Recently updated/posted Linux and UNIX FAQ (mostly useful to Linux/UNIX new administrators or users) :

Enjoy!

How do I forcefully unmount a Linux disk partition?

Posted on in Categories CentOS, Data recovery, Debian Linux, File system, Linux, RedHat/Fedora Linux, Security, Storage, Suse Linux, Sys admin, Troubleshooting, Ubuntu Linux last updated January 27, 2006

Sometimes you try to unmount a disk partition or mounted CD/DVD disk or device, which is accessed by other users, then you will get an error umount: /xxx: device is busy. However, Linux or FreeBSD comes with the fuser command to kill forcefully mounted partition. For example, you can kill all processes accessing the file system mounted at /nas01 using the fuser command.

Understanding device error busy error

Linux / UNIX will not allow you to unmount a device that is busy. There are many reasons for this (such as program accessing partition or open file) , but the most important one is to prevent the data loss. Try the following command to find out what processes have activities on the device/partition. If your device name is /dev/sdb1, enter the following command as root user:
# lsof | grep '/dev/sda1'
Output:

vi 4453       vivek    3u      BLK        8,1                 8167 /dev/sda1

Above output tells that user vivek has a vi process running that is using /dev/sda1. All you have to do is stop vi process and run umount again. As soon as that program terminates its task, the device will no longer be busy and you can unmount it with the following command:
# umount /dev/sda1

How do I list the users on the file-system /nas01/?

Type the following command:
# fuser -u /nas01/
# fuser -u /var/www/

Sample outputs:

/var/www:             3781rc(root)  3782rc(nginx)  3783rc(nginx)  3784rc(nginx)  3785rc(nginx)  3786rc(nginx)  3787rc(nginx)  3788rc(nginx)  3789rc(nginx)  3790rc(nginx)  3791rc(nginx)  3792rc(nginx)  3793rc(nginx)  3794rc(nginx)  3795rc(nginx)  3796rc(nginx)  3797rc(nginx)  3798rc(nginx)  3800rc(nginx)  3801rc(nginx)  3802rc(nginx)  3803rc(nginx)  3804rc(nginx)  3805rc(nginx)  3807rc(nginx)  3808rc(nginx)  3809rc(nginx)  3810rc(nginx)  3811rc(nginx)  3812rc(nginx)  3813rc(nginx)  3815rc(nginx)  3816rc(nginx)  3817rc(nginx)

The following discussion allows you to unmout device and partition forcefully using mount or fuser Linux commands.

Linux fuser command to forcefully unmount a disk partition

Suppose you have /dev/sda1 mounted on /mnt directory then you can use fuser command as follows:

WARNING! These examples may result into data loss if not executed properly (see “Understanding device error busy error” for more information).

Type the command to unmount /mnt forcefully:
# fuser -km /mnt
Where,

  • -k : Kill processes accessing the file.
  • -m : Name specifies a file on a mounted file system or a block device that is mounted. In above example you are using /mnt

Linux umount command to unmount a disk partition.

You can also try the umount command with รขโ‚ฌโ€œl option on a Linux based system:
# umount -l /mnt
Where,

  • -l : Also known as Lazy unmount. Detach the filesystem from the filesystem hierarchy now, and cleanup all references to the filesystem as soon as it is not busy anymore. This option works with kernel version 2.4.11+ and above only.

If you would like to unmount a NFS mount point then try following command:
# umount -f /mnt
Where,

  • -f: Force unmount in case of an unreachable NFS system

Please note that using these commands or options can cause data loss for open files; programs which access files after the file system has been unmounted will get an error.

See also:

FreeBSD: How to write protect important file ( even root can NOT modify / delete file )

Posted on in Categories File system, FreeBSD, Security last updated June 29, 2005

The chflags utility modifies the file flags of the listed files as specified by the flags operand.

FreeBSD offers write protection, you need to to set special bit call immutable. Once this bit is setup no one can delete or modify file including root. And only root can clear the File immutable bit.

You must be a root user to setup or clear the immutable bit.

Setup file immutable bit

Use chflags command as follows:
# chflags schg /tmp/test.doc
Try to remove or moify file file with rm or vi:
# rm -f /tmp/test.doc
Output:

rm: /tmp/test.doc: Operation not permitted

Now root user is not allowed to remove or modify file. This is useful to protect important file such as /etc/passwd, /etc/master.passwd etc.

Display if file immutable bit is on or off

ls -lo /tmp/test.doc
Output:

-rw-r--r--  1 root  wheel  schg 19 Jun 29 22:22 /tmp/test.doc

Clear or remove file immutable bit

#chflags noschg /tmp/test.doc
Now you can remove or modify file. Please note that immutable flag can be set by root user only. chflags also supports few other interesting flags.

  • arch: set the archived flag
  • nodump: set the nodump flag
  • sappnd: set the system append-only flag
  • schg: set the system immutable flag
  • sunlnk: set the system undeletable flag
  • uappnd: set the user append-only flag
  • uchg: set the user immutable flag
  • uunlnk: set the user undeletable flag

Putting the letters no before an option causes the flag to be turned off.

Please note Linux also supports immutable flag to write protect files using chattr command.

See man page chflags and ls commands for more information.

FreeBSD: Becoming Super User (su) or Enabling su Access For User Account

Posted on in Categories FreeBSD last updated February 23, 2005

The superuser is a privileged user with unrestricted access to all files and commands. The superuser has the special UID (user ID) 0. You need to become super user (root) only when tasks need root permissions. Here is how to become a super user:
Continue reading “FreeBSD: Becoming Super User (su) or Enabling su Access For User Account”