How to fix a broken sudoers file on AWS/EC2 Linux

If you are running Ubuntu or Amazon Linux on Amazon EC2 and introduce a syntax error into the sudoers file, sudo will refuse to run any command. Unless you have enabled root SSH access, that leaves you with no way to run anything as root: you are effectively locked out of the instance. Here are the steps to fix this problem:

Stop the instance and detach root volume

First stop the instance (do not terminate it), as shown in the screenshot below. Make sure that the instance's shutdown behaviour is not set to terminate, since you will need to start it again.
[Screenshot: ec2-instance-shutdown]

After it has shut down, detach the root volume from the instance.

Attach root volume to another instance

Create a temporary instance (it must be in the same availability zone as the volume) and attach the detached volume to it. Now you can run the following command to list the available block devices:

$ sudo lsblk

Now create a temporary mount point and mount the newly added device (here /dev/xvdf1, the first partition of the attached volume) on it.

$ sudo mkdir -p /ihmnt/tmp1
$ sudo mount /dev/xvdf1 /ihmnt/tmp1

Now you can fix the corrupt sudoers file under the mount point (/ihmnt/tmp1/etc/sudoers) and unmount the volume:

$ sudo umount /ihmnt/tmp1

Now detach this volume from the temporary instance, attach it back to the original instance as its root volume (using the device name it was originally attached as) and start that instance.
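As an added example (not part of the original article), a small rescue-side script to run on the temporary instance against the mounted volume before you detach it: it lists the sudoers files sudo would actually read, flags any file whose mode goes beyond 0440 (sudo refuses those, which locks you out just like a syntax error), and syntax-checks each one with `visudo -c -f`. It assumes the article's mount point /ihmnt/tmp1, GNU stat and a visudo binary on the rescue instance; the script name check_sudoers.sh is made up.

```shell
#!/bin/sh
# Added rescue-side checker (not from the original article). Run it on the
# temporary instance after mounting the detached volume, for example:
#   sudo sh check_sudoers.sh /ihmnt/tmp1

# Files sudo actually reads: /etc/sudoers plus the drop-ins in sudoers.d,
# skipping names that contain a '.' or end in '~' (sudo ignores those).
sudoers_files() {
    printf '%s\n' "$1/etc/sudoers"
    for f in "$1"/etc/sudoers.d/*; do
        [ -f "$f" ] || continue
        case "${f##*/}" in *.*|*~) continue ;; esac
        printf '%s\n' "$f"
    done
}

# sudo refuses a sudoers file with permission bits beyond 0440 (say a
# world-writable drop-in), which locks you out exactly like a syntax error.
mode_ok() {
    mode=$(stat -c '%a' "$1") || return 1
    [ $(( 0$mode & ~0440 )) -eq 0 ]
}

# Syntax-check one file. 'visudo -c -f' parses only the named file; an
# includedir line inside it would resolve against the rescue instance,
# not the mounted volume, so every file is checked on its own.
# Returns 0 on success, 1 on a syntax error, 2 when visudo is not available.
syntax_ok() {
    command -v visudo >/dev/null 2>&1 || return 2
    visudo -c -q -f "$1"
}

# Walk the mounted volume: one line per finding, non-zero if anything is wrong.
check_volume() {
    bad=0
    for f in $(sudoers_files "$1"); do
        mode_ok "$f" || { echo "BAD MODE  $f ($(stat -c '%a' "$f"), want 0440)"; bad=1; }
        rc=0; syntax_ok "$f" || rc=$?
        case $rc in
            1) echo "SYNTAX    $f"; bad=1 ;;
            2) echo "SKIPPED   $f (no visudo on this host)" ;;
        esac
    done
    return $bad
}

if [ $# -gt 0 ]; then
    check_volume "$1" && echo "sudoers tree under $1 looks sane"
fi
```

Alternatively, `sudo chroot /ihmnt/tmp1 visudo -c` checks the whole tree with the volume's own visudo and include paths, provided the volume's binaries can run on the rescue instance.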

