How to get rid off - sudo: /usr/lib/sudo/sudoers.so must be only be writable by owner sudo: fatal error, unable to load plugins
I am trying to configure apache2 with cgi (python). For that, I have to change permissions of some folders and files but I am getting sudo fatal errors every time I try to change permission of a file or a Folder.
For Example:
1
j@ubuntu:/etc/apache2$ ls
apache2.conf envvars magic mods-enabled sites-available
conf.d httpd.conf mods-available ports.conf sites-enabled
j@ubuntu:/etc/apache2$ sudo chmod 777 httpd.conf
sudo: /usr/lib/sudo/sudoers.so must be only be writable by owner
sudo: fatal error, unable to load plugins
...................................................................................
2
j@ubuntu:/usr/lib/cgi-bin$ sudo /etc/init.d/apache2 restart
sudo: /usr/lib/sudo/sudoers.so must be only be writable by owner
sudo: fatal error, unable to load plugins
...................................................................................
3
j@ubuntu:/usr/lib$ sudo chmod -R 777 /usr/lib/cgi-bin
sudo: /usr/lib/sudo/sudoers.so must be only be writable by owner
sudo: fatal error, unable to load plugins
...................................................................................
Note:
j@ubuntu:/etc/apache2$ ls -l /usr/lib/sudo/sudoers.so
-rwxrwxrwx 1 root root 177452 Jan 31 2012 /usr/lib/sudo/sudoers.so
Any help would be highly appreciated !
Answer
If you have docker installed on your host, you can leverage its permission vulnerabilities on volumes to solve this issue.
Run
docker run -it -v /usr/lib/sudo:/tmp ubuntu:xenial
Once inside the container, being the root user there, you can:
cd /tmpchown root sudoers.soorchmod 644 sudoers.sodepending on the exact issue
It's not a really clean solution but it solves the issue.