SUDO completely broken (Unknown UID: Who are you?)

I’ve discovered recently that my SUDO commands are not working at all. I’ve had no luck with google.

First, let me get a few things out of the way. According to all I’ve seen in various forums, everything looks OK.

  • My /etc/sudoers has the right permissions 440 and is root:root (owner:group)
  • The sudo binary has the SUID bit set
  • The /etc/passwd file contins my non-root user password

The problem is the following, every call to sudo (even sudo -l) gives me the same error message

sudo: unknown uid 1000: who are you?

Even as the root user I get the same message (with the appropriate UID)

sudo: unknown uid 0: who are you?

This is a very strange problem. I have found no help on the net and am wonderinf anyone herehas any ideas.

I recently updated a 12.2 system to 12.3. I’m guessing it is a very basic problem. SUDO seems not to be recognizing any users. But I’m not sure where to look.

Well, I had no problem using sudo after updating to 12.3 and I haven’t heard of such a problem before.

But maybe this is a permissions problem.
Try to login as root and run:

chkstat --system --set

This should set all system files to the correct permissions.
Perhaps this would fix your problem?

Oh, and:

It shouldn’t.
It should have ‘x’ as password for all users.
The real password should be contained (encrypted) in /etc/shadow !

I’ve done that. Unfortunately no change.

Also, my passwd and shadow files are as you say. “passwd” does not contain a password and “shadow” contains an encrypted password.

The reason I mentioned that is because the erors message seems to no know who my user name is. The SUDO is, however, retrieving the correct UID (for both my normal and root user), just not performing the command.

Hm.

Another guess:
Do you have apparmor installed? Maybe it blocks something. Try to uninstall it.
That said, I have it installed and it causes no problem for me. (but maybe its setup is wrong on your system)

That suggests a problem with “/etc/passwd” such as (a) it doesn’t exist, or (b) it’s format has been broken.

Other operations requiring passwords and users are working correctly, i.e. logging in to the shell and X(KDE). I’m assuming this would not be possible if “etc/passwd” was broken.

Excellent :slight_smile:

That did the trick. Thanks a lot “Wolfi”

I’m wondering if I should leave apparmor uninstalled or if a new clean install would work properly. (Not exactly sure what it does :X )

It’s not installed in 12.3 by default anymore AFAIK.

What it does is constrain programs from doing anything they want. It’s a security feature. (If it is configured too strictly, it can cause problems of course)
Its configuration lies in /etc/apparmor and /etc/apparmor.d, you should maybe delete those before you install it again if you want to do this.

Btw., in YaST there’s a configuration module for this (Security and Users->AppArmor Configuration->Update Profile; or something like this, I’m running in german :wink: ). This contains a “wizard” that shows all blocked things and lets you enable them easily…

You can find more information here:
https://en.opensuse.org/SDB:AppArmor