Ubuntu, lost user privileges

[DavePM]

For some reason I seem to have lost my user privileges on my Ubuntu Cinnamon installation. When booting up I get the normal logon screen with my username dave. However I do see a prompt to the left of this saying user not listed. I am able to log on using that username and password but once in I am unable to install application or do anything in terminal that needs sudo athentication.

I did ask TuxBot and tried the suggestions given here https://www.linux.org/threads/installing-software.45525/

In the last suggestion given I was only able to get into the GRUB prompt by pressing the Esc but did not see any reference to recovery mode as suggested. I also ran the two commands but nothing worked?

 

[KGIII]

When you get to the login screen. press CTRL + ALT + F3. That should bring up TTY3.

See if you can log in on that screen.

By the way, to get back to a GUI you can hold your right ALT key and press the right arrow button until you're back to a graphical environment. However, you will still not be logged in, that's just for informational purposes.

The goal here is to see if you're able to log in this way.

 

[wizardfromoz]

When you get to the login screen. press CTRL + ALT + F3. That should bring up TTY3.

Just a heads up, that can be inaccurate.

Here's a quote from an old Ubuntu forum thread, and it can still apply today

You can switch tty as you have described by pressing:

• Ctrl+Alt+F1 : (tty1, X is here on Ubuntu 17.10+)
• Ctrl+Alt+F2 : (tty2)
• Ctrl+Alt+F3 : (tty3)
• Ctrl+Alt+F4 : (tty4)
• Ctrl+Alt+F5 : (tty5)
• Ctrl+Alt+F6 : (tty6)
• Ctrl+Alt+F7 : (tty7, X is here when using Ubuntu 17.04 and below)

You might also be able to use Alt+Left/Right


Note that different distros assign these differently. RHEL 6, for example, assigns the X server to tty1 and a "dumb terminal" / "console" to tty2-7, while RHEL 5 assigns consoles to tty1-6, and x.org to tty7. Some x.org setups also make switching to any random console more difficult; RHEL 5.5, for example, has a dedicated x.org key to switch to tty1, and from there you can get to tty2-6 more easily.

So Dave, if what David said above does not work for you, try the other combinations from 1 - 7, one of them should work to get you to tty session.

To give you an example of how computers can differ, my Dell Inspiron uses Ctrl+Alt+F4.

If/when you get to a TTY session -

I was only able to get into the GRUB prompt by pressing the Esc but did not see any reference to recovery mode as suggested.

It is likely there is a line in /etc/default/grub which reads

GRUB_DISABLE_RECOVERY="true"

which once you have sudo access, you can change, and then update grub.

Am I right in thinking that "the GRUB prompt" means a grub menu? Later, it is a good idea, IMO, to make this visible at startup, we can tell you how.

Also, if/when you get to a TTY session -

Type in and enter

groups

Mine, on Lunar Cinnamon, looks like this

chris@LunarCinnamon-SSD:~$ groups
chris adm cdrom sudo dip plugdev users lpadmin sambashare

If the sudo group is missing from your output, that will account for your difficulties.

Make allowance for my timezone (east coast Australia) and I will return when I can, but if you can give us feedback from what I have asked above, someone else may pick up the ball and run with it.

Cheers

Wiz

 

[bob466]

I've never had this happen to me but I did see this video that might help...never tried this myself...create a Timeshift snapshot before you start.

 

[DavePM]

When you get to the login screen. press CTRL + ALT + F3. That should bring up TTY3.

Right I was able to get into it doing the above. It asked me to log in and I seem to do that with my username and password.

Also, if/when you get to a TTY session -

Type in and enter

I did this and have attached a screen shot below.

The thing is even that it seemed I could log into my username when I try and run any command it asks me for my password. I enter that and get a response "dave is not in the suddor file"

To me it looks very much like I will end up having to install Linux again

 

[wizardfromoz]

For login you have out

Dave

instead of

dave

I have to leave for my evening meal but I will be back on deck in around 14 hours or so.

If all else fails, and you have a USB stick or DVD for installation of Lunar Cinnamon, we can use a process called

chroot

from the USB/DVD to get in and fix.

Cheers

Wiz

 

[DavePM]

For login you have out

Dave

instead of

dave

Yes I thought I would try the Dave first just to make sure my user name did not contain the Cap D. My second attempt was with dave.

Not sure if this is of any help but I tried to run the following.

dave@dave-Vostro-3558:~$ cat /ect/passwd
cat: /ect/passwd: No such file or directory
dave@dave-Vostro-3558:~$ less /ect/passwd
/ect/passwd: No such file or directory
dave@dave-Vostro-3558:~$

If all else fails, and you have a USB stick or DVD for installation of Lunar Cinnamon, we can use a process called

chroot

from the USB/DVD to get in and fix.

I do have the Ubuntu USB that I installed it from.

 

[KGIII]

Just a heads up, that can be inaccurate.

It can be - but they specified they were using Ubuntu. With Ubuntu, I specify F3 out of habit but I'm not sure why I do that?

Right I was able to get into it doing the above. It asked me to log in and I seem to do that with my username and password.

Then:

ave@dave-Vostro-3558:~$ cat /ect/passwd

That's because it should be cat /etc/passwd - you typed it wrong, as 'etc' is short for et cetera.

I suppose the first thing you should try is starting the GUI. I haven't done this with Ubuntu, so try:

startx

If that doesn't work, let's just try updating:

sudo apt update && sudo apt upgrade -y

That command probably won't give you any choices. It'll just run and apply updates. So, you can walk away and get a cup of coffee.

This assumes you have a network connection. Which, for the most part, you can expect to have started at that point.

 

[KGIII]

Yes I thought I would try the Dave first just to make sure my user name did not contain the Cap D.

Also, just a bit of trivia/userful bits of knowledge, usernames can't have capital letters (AFAIK - no distro has ever let me use caps, as far as I recall - though I suppose I stopped trying after a while).

I prefer my username to be like it is here - all caps. Alas, this goes way back to when we used dumb terminals. I don't think there's any particular technical reason why we can't use them now. They're just not allowed.

 

[wizardfromoz]

To me it looks very much like I will end up having to install Linux again

Of course that is an option for you, but if you have created or copied important data to the install or have settings you want to keep, you might want to protect those first.

Other than that - I don't suppose you had Timeshift installed and a snapshot taken, did you? If so, we can use that.

Next option is to do with

I do have the Ubuntu USB that I installed it from.

Here is where we can use chroot.

chroot is a process whereby we can change our Live User to becoming the Root user of our installed OS. It might be to change, install, fix a broken Grub bootloader, or to change other processes such as how our computer boots, and so on.

In this case, we can use it to give you back sudo privileges. So without further ado

PROCESS 1

1. First, establish what partitions your Ubuntu Cinnamon is on. For example, if you are on a computer which has UEFI/GPT you might have /dev/sda1 as your EFI System Partition (likely FAT32, 100 - 500 MiB) and your root partition for Ubuntu on /dev/sda2.

In Terminal, you can use

df or lsblk to establish these identifiers, your root partition will have a / in the output

Also get that output from

groups

and write them all down.

2. Boot/reboot your computer into the Live USB stick environment, it might involve using F12 or the key you have assigned, to get the boot menu and choose the Live USB option.

Once you get into the Live booting, choose Try Ubuntu, not the install, this will bring you to the desktop.

3. (Optional) At the Live Desktop, I always modify my Settings to increase my mouse cursor size, turn off any screensavers and Power saving options.

4. Open Terminal (from the Menu, or Ctrl-Alt-t). Your Terminal prompt will look something like

ubuntu-cinnamon@ubuntu-cinnamon:~$

Type in and Enter the following

sudo parted -ls # OR just lsblk (I use)

and establish that your Ubuntu Cinnamon matches what you had written down.

Then type in and Enter the following lines (where /dev/sdxy is what you have written for your Ubuntu root partition, and /dev/sdxz is if you are running on UEFI-GPT)

sudo mount /dev/sdxy /mnt

sudo mount /dev/sdxz /mnt/boot/efi

for i in /sys /proc /run /dev /dev/pts; do sudo mount --bind "$i" "/mnt$i"; done

OPTIONAL sudo cp /etc/resolv.conf /mnt/etc/ (did not work for me this time)

sudo chroot /mnt

5. If you are successful with the above, you will now be in your Ubuntu Cinnamon install, and the Terminal prompt will have changed to something like

root@ubuntu-cinnamon:/#

The "root" and the # are evidence that you are chrooted successfully.

Let's check that for sure.

6. Type in and enter

cat /etc/os-release

you should get something like

PRETTY_NAME="Ubuntu 23.04"
NAME="Ubuntu"
VERSION_ID="23.04"
VERSION="23.04 (Lunar Lobster)"
VERSION_CODENAME=lunar
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=lunar
LOGO=ubuntu-logo

So we are in Ubuntu Cinnamon, as Root, and can fix our sudo privileges.

PROCESS 2

7. First we will check the file /etc/sudoers and amend if necessary, and then we'll add our self to the sudo group.

Whereas with any other text file, we might use the Nano console-based text editor to edit, or the GUI-based gedit or other editor to change things, with /etc/sudoers, it is important to use

visudo

to edit the file, so we do not break it or corrupt it. If you have used Nano, you will see the similarities.

My comments have a # preceding them, they are not a command.

Make sure exists line as follows

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

... if not, add it. If added, you will need to exit the modified file, saving changes, which involves using Ctrl-x and pressing enter when it displays the file name, and Y for Yes.

8. Now we'll add ourselves to the sudo group.

usermod -aG sudo dave

Then check (and give us the output for)

groups

If it includes dave, we're good.


9. If you want to get that Recovery option, then while we are chrooted is a good time.

For permanent change you'll need to edit your /etc/default/grub file:

nano /etc/default/grub


Place a # symbol at the start of line GRUB_HIDDEN_TIMEOUT=0 to comment it out. If that line doesn't exist, then you can comment out this line instead: # GRUB_TIMEOUT_STYLE=hidden, and then change GRUB_TIMEOUT=0 to GRUB_TIMEOUT=5, for instance (I use 10 seconds), to give the grub menu a 5 second timeout before it automatically logs you in.

Also make sure that you amend, if necessary, to have

GRUB_DISABLE_RECOVERY="false"

or just place a # in front of the "true" line. Then you can always use Recovery from your Advanced Options submenu, which is easier than chroot.

Exit Nano the same way you did with visudo.

Save changes and run update-grub to apply changes.

10. To exit chroot, you can use

Ctrl-d or exit.

Then type in and enter

reboot

Let us know how you go.

Wizard

 

[sphen]

Yes I thought I would try the Dave first just to make sure my user name did not contain the Cap D. My second attempt was with dave.

Not sure if this is of any help but I tried to run the following.

dave@dave-Vostro-3558:~$ cat /ect/passwd
cat: /ect/passwd: No such file or directory
dave@dave-Vostro-3558:~$ less /ect/passwd
/ect/passwd: No such file or directory
dave@dave-Vostro-3558:~$

I do have the Ubuntu USB that I installed it from.

This post bothered me. The commands in the code block are typo'd. The correct directory should be "/etc/", not "/ect/" as shown in the quote above. The error messages are exactly what I would expect.

I wonder whether we are jumping to the solution before we fully understand the current state of @DavePM's system? Something suddenly changed that now prevents useable operation. If it were me, I would first boot something that lets me mount the filesystem with root privileges to poke around and see if the filesystem looks normal and intact. After we gather a little basic information, we may understand more about what happened and be better equipped to choose wise next steps.
-> To be clear, I am not talking about FBI forensic analysis, just routine troubleshooting.

Do we know anything about what might have triggered this event? When did it start, and what were Dave's activities preceding it? The current state of Dave's machine is not normal, so something not-normal must have occurred. It could have been a human error or an outside event like a glitch. (... or infection or attack, but let's not go there).

 

[DavePM]

That's because it should be cat /etc/passwd - you typed it wrong, as 'etc' is short for et cetera.

Right this is what I got when I typed it in correctly, it does not mean much to me however.

dave@dave-Vostro-3558:~$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-network:x:100:102:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:101:103:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:102:105::/nonexistent:/usr/sbin/nologin
systemd-timesync:x:103:106:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
syslog:x:104:111::/home/syslog:/usr/sbin/nologin
_apt:x:105:65534::/nonexistent:/usr/sbin/nologin
tss:x:106:112:TPM software stack,,,:/var/lib/tpm:/bin/false
uuidd:x:107:115::/run/uuidd:/usr/sbin/nologin
systemd-oom:x:108:116:systemd Userspace OOM Killer,,,:/run/systemd:/usr/sbin/nologin
tcpdump:x:109:117::/nonexistent:/usr/sbin/nologin
avahi-autoipd:x:110:119:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/usr/sbin/nologin
usbmux:x:111:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin
dnsmasq:x:112:65534:dnsmasq,,,:/var/lib/misc:/usr/sbin/nologin
kernoops:x:113:65534:Kernel Oops Tracking Daemon,,,:/:/usr/sbin/nologin
avahi:x:114:121:Avahi mDNS daemon,,,:/run/avahi-daemon:/usr/sbin/nologin
cups-pk-helper:x:115:122:user for cups-pk-helper service,,,:/home/cups-pk-helper:/usr/sbin/nologin
rtkit:x:116:123:RealtimeKit,,,:/proc:/usr/sbin/nologin
whoopsie:x:117:124::/nonexistent:/bin/false
sssd:x:118:125:SSSD system user,,,:/var/lib/sss:/usr/sbin/nologin
speech-dispatcher:x:119:29:Speech Dispatcher,,,:/run/speech-dispatcher:/bin/false
fwupd-refresh:x:120:126:fwupd-refresh user,,,:/run/systemd:/usr/sbin/nologin
nm-openvpn:x:121:127:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/usr/sbin/nologin
saned:x:122:129::/var/lib/saned:/usr/sbin/nologin
colord:x:123:130:colord colour management daemon,,,:/var/lib/colord:/usr/sbin/nologin
geoclue:x:124:131::/var/lib/geoclue:/usr/sbin/nologin
pulse:x:125:132:PulseAudio daemon,,,:/run/pulse:/usr/sbin/nologin
gnome-initial-setup:x:126:65534::/run/gnome-initial-setup/:/bin/false
hplip:x:127:7:HPLIP system user,,,:/run/hplip:/bin/false
gdm:x:128:134:Gnome Display Manager:/var/lib/gdm3:/bin/false
dave:x:1000:1000:Dave,,,:/home/dave:/bin/bash
clamav:x:129:137::/var/lib/clamav:/bin/false
_flatpak:x:130:138:Flatpak system-wide installation helper,,,:/nonexistent:/usr/sbin/nologin
Debian-snmp:x:131:139::/var/lib/snmp:/bin/false
dave@dave-Vostro-3558:~$

suppose the first thing you should try is starting the GUI. I haven't done this with Ubuntu, so try:

startx

This is what I got from that.

dave@dave-Vostro-3558:~$ startx

/usr/lib/xorg/Xorg.wrap: Only console users are allowed to run the X server
xinit: giving up
xinit: unable to connect to X server: Connection refused
xinit: server error
Couldn't get a file descriptor referring to the console.

If that doesn't work, let's just try updating:

sudo apt update && sudo apt upgrade -y

That gave me this

dave@dave-Vostro-3558:~$ sudo apt update && sudo apt upgrade -y
[sudo] password for dave:
dave is not in the sudoers file.  This incident will be reported.

This assumes you have a network connection. Which, for the most part, you can expect to have started at that point.

Yes I am connected now from the laptop.

Timeshift

Nope only found out about that now from you, it will be installed when I can get back my system LOL

PROCESS 1

Right I am off to try from here on now.

 

[DavePM]

Do we know anything about what might have triggered this event? When did it start, and what were Dave's activities preceding it? The current state of Dave's machine is not normal, so something not-normal must have occurred. It could have been a human error or an outside event like a glitch. (... or infection or attack, but let's not go there).

I will just jump to this before I try the above.

What does bother me is that I did install two applications via terminal and now when I wanted to install Brave Browser I found it was doing this.

The application I installed were
AnyDesk - Oh and I did test it and it worked but when I logged into the laptop it did not present me with the desktop view that I was used to on Windows. Instead I got it as the File manager. That was the one and only time I tried it here.

Then I installed the DELL SupportAssist, I ran it and then needed to create a profile on DELL but I just never got around to doing that as yet.

Ok I am now off to try from Process 1

 

[DavePM]

PROCESS 1

1. First, establish what partitions your Ubuntu Cinnamon is on. For example, if you are on a computer which has UEFI/GPT you might have /dev/sda1 as your EFI System Partition (likely FAT32, 100 - 500 MiB) and your root partition for Ubuntu on /dev/sda2.

Right I tried all this and still could not get into the root as mentioned, I just got errors back from each command.

I think I am now just going to go back to Mint and do a clean install once again.

 

[sphen]

I will just jump to this before I try the above.

What does bother me is that I did install two applications via terminal and now when I wanted to install Brave Browser I found it was doing this.

The application I installed were
AnyDesk - Oh and I did test it and it worked but when I logged into the laptop it did not present me with the desktop view that I was used to on Windows. Instead I got it as the File manager. That was the one and only time I tried it here.

Then I installed the DELL SupportAssist, I ran it and then needed to create a profile on DELL but I just never got around to doing that as yet.

Ok I am now off to try from Process 1

This may be helpful for someone. I cringed when I saw "Dell SupportAssist." I know nothing about it. Based on the name alone, I wonder whether it makes permission or other changes to give Dell support people direct access to fix issues on systems. I doubt it got the same levels of budget and QA as their equivalent tools for Windows. :-(

 

[DavePM]

This may be helpful for someone. I cringed when I saw "Dell SupportAssist." I know nothing about it. Based on the name alone, I wonder whether it makes permission or other changes to give Dell support people direct access to fix issues on systems. I doubt it got the same levels of budget and QA as their equivalent tools for Windows. :-(

I must admit I thought twice about installing this but I had it on my Windows installation and it gave me some neat tools to managed the laptop. Thinking about it now I would not be surprised if this is what cause my problem.

Well from every fail there is a learning curve so being new to Linux I need all the learning I can find LOL

I am now busy creating a Mint USB install as there were a few things I did like better in Mint than Ubuntu.

 

[sphen]

TL;DR: In my opinion, the easiest way to regain superuser privileges is to edit the /etc/group file on the broken system. I verified the method before typing this post. It was easy and took almost no time to do.

. . . . .
Can't you mount the filesystem, edit the file /etc/group to add the user account to the sudo group, then reboot it?

I just tested it in Linux Mint. After rebooting, I was root on the terminal from my previously unprivileged user account. It took maybe a minute. Most of the time was spent with the boot and reboot. I used the Recovery boot from the Grub menu to get the root console and make the quick edit.

I tested console access on two Ubuntu(s) - one BIOS and one UEFI. I was able to get the same Grub menu to gain root that I used on Mint for both Ubuntu(s). The Grub menu I found was the same on all three systems with the following options: resume, clean, dpkg, fsck, grub, network, root, and system-summary. If you choose root, you get a # prompt and can make the edit.

On my systems, the timing is tricky to get the Grub menu to appear. I had to reboot several times before I got the timing right. To get to the menu from the Ubuntu virtual machines, you hold the Shift key at boot time. If it doesn't work, click the icon in the upper right to reboot and try again.

If that had not worked, I would have booted an .iso (or DVD or flash drive) from any live distro, mounted the problematic drive, edited the /etc/group file, and rebooted to get root.


(If you are concerned that it is so easy to get root on a Linux computer, do a web search for "Linux full disk encryption", which would protect your system but complicate this recovery slightly.)

 

[KGIII]

I am now busy creating a Mint USB install as there were a few things I did like better in Mint than Ubuntu.

That's probably for the best. I'm not sure where it's located, but @wizardfromoz probably has a link to his thread about Timeshift and why you should use it.

 

[bob466]

Hi Dave,

Here's a video that may help...

I haven't tried this as I don't have your problem but it might work...good luck.

 

[DavePM]

Another interesting thing here when I tried to boot from the Mint USB boot disk I got the following error.

Verification failed: (0x1A) Security Violation

I had to disable secure boot to get it booted up.