Fix broken sudoers file – sudo: parse error in /etc/sudoers near line 21 [Ubuntu]

Updated on August 26, 2020

While providing sudo permission to a specific user did a mistake, saved and closed it before I realize. Later when tried to execute sudo -s encountered the below error message. I’m unable to open sudoers file and edit again to fix it.

ubuntu@digi:$ sudo -s
>>> /etc/sudoers: syntax error near line 21 <<<
sudo: parse error in /etc/sudoers near line 21
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

How can I fix this error without booting into single-user mode?

Solution: Fix broken sudoers file

Modern GNU/Linux distribution systems come with a quite fast and easy way to fix the corrupted sudoers file and don’t require rebooting using a live CD, or physical access to the machine.

ubuntu@digi:$ pkexec vim /etc/sudoers
==== AUTHENTICATING FOR org.freedesktop.policykit.exec ===
Authentication is needed to run `/usr/bin/vim' as the super user
Authenticating as: Ubuntu (ubuntu)

It would prompt for the password. Authenticate yourself with the password for the user you are trying to authenticate and then it will open /etc/sudoersfile in your favourite editor (in my case vim) as root, and you can fix your /etc/sudoers file.

Additional system administration

If you have to perform additional system administration commands as root to fix the problem, then you can start an interactive root shell with pkexec bash command.

Was this article helpful?

Related Articles

Comments Leave a Comment

  1. Error executing command as another user: Not authorized Many thanks anyway 🙂 Best regards

  2. Managed to open /etc/sudoers, but what is the issue with the below content.

    # This file MUST be edited with the ‘visudo’ command as root.
    # Please consider adding local content in /etc/sudoers.d/ instead of
    # directly modifying this file.
    # See the man page for details on how to write a sudoers file.
    Defaults env_reset
    Defaults mail_badpass
    Defaults secure_path=”/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin”

    # Host alias specification

    # User alias specification

    # Cmnd alias specification

    # User privilege specification
    root ALL=(ALL:ALL) ALL

    # Members of the admin group may gain root privileges
    %admin ALL=(ALL) ALL

    # Allow members of group sudo to execute any command
    %sudo ALL=(ALL:ALL) ALL

    # See sudoers(5) for more information on “#include” directives:

    #includedir /etc/sudoers.d

    1. I verified the syntax of your sudoers file and it seems to be ok.
      $ visudo -cf /tmp/sudoers
      /tmp/sudoers: parsed OK

      Can you be more elaborate on the issue you are facing?

  3. Instead of pkexec vim /etc/sudoers please use pkexec nano -w /etc/sudoers, it will helpfull

  4. Unfortunately I get this error message

    polkit-agent-helper-1: error response to PolicyKit daemon: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: No session for cookie
    Error executing command as another user: Not authorized

    when I’m obviously not doing so.

Leave a Comment