In this tutorial we will see how to recover when someone has made a wrong entry in the sudoers file of an AWS EC2 instance. One way to solve this problem is to attach the root volume of the problematic instance to another (helper) instance in the same Availability Zone. Here, however, we will see how to solve the issue with the help of user data.
Problem: A user has made a wrong entry in the sudoers file. Now, when any user runs a sudo command, the system gives the error shown below:
>>>/etc/sudoers.d/90-cloud-init-users: syntax error near line 5 <<<
sudo: parse error in /etc/sudoers.d/90-cloud-init-users near line 5
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

Solution:
1. Go to the AWS console and stop the server.
2. With that instance selected, click Actions >> Instance Settings >> Edit user data.

3. Then paste the user data given below into the New user data section and click Save.
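#cloud-boothook
#!/bin/bash
# A boothook runs on every boot, so keep the first backup instead of overwriting it.
# sudo skips files in /etc/sudoers.d whose names contain a ".", so the .bkp copy is not parsed.
[ -e /etc/sudoers.d/90-cloud-init-users.bkp ] || cp /etc/sudoers.d/90-cloud-init-users /etc/sudoers.d/90-cloud-init-users.bkp
echo "ec2-user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/90-cloud-init-users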
Note: Replace ec2-user with the default user of your Linux flavour.

4. Now start the server. Log in to the server and run a sudo command.

5. If you want to check what was wrong in the sudoers file, check the /etc/sudoers.d/90-cloud-init-users.bkp file.
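
To keep a wrong entry from reaching the live file in the first place, a change to a sudoers drop-in can be checked with visudo before it is installed. The script below is an added example, not part of the original tutorial; the function name install_sudoers_dropin, its arguments and the staging file name are assumptions.

```shell
#!/bin/sh
# Added example (not from the original tutorial): install a sudoers drop-in
# only after visudo accepts it. Function name and arguments are assumptions.

# install_sudoers_dropin CANDIDATE TARGET
# Returns 0 when TARGET was replaced, 1 when CANDIDATE failed the syntax
# check (TARGET is then left exactly as it was).
install_sudoers_dropin() {
    candidate=$1
    target=$2
    # Stage next to the target so the final mv is a rename on one filesystem.
    # The staged name contains a ".", and sudo skips such files in
    # /etc/sudoers.d, so a half-finished copy is never parsed.
    staged="$target.new.$$"
    cp "$candidate" "$staged" || return 1
    chmod 0440 "$staged"

    # visudo -c is check-only mode; -f points it at the staged file.
    if ! visudo -cf "$staged" >/dev/null 2>&1; then
        rm -f "$staged"
        echo "rejected: $candidate has a sudoers syntax error" >&2
        return 1
    fi

    # Keep the first backup only, so a rerun cannot overwrite it.
    if [ -e "$target" ] && [ ! -e "$target.bkp" ]; then
        cp -p "$target" "$target.bkp"
    fi
    mv -f "$staged" "$target"
}

# Usage (run as root):
#   sh install-dropin.sh ./90-cloud-init-users.new /etc/sudoers.d/90-cloud-init-users
if [ "$#" -eq 2 ]; then
    install_sudoers_dropin "$1" "$2"
fi
```

Run it as root so the installed file is owned by root, and keep a second root session open until a test sudo command succeeds.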
Very nice article, just what I was looking for.
Your article helped me a lot, is there any more related content? Thanks!