Home > Linux, Open Source, Ubuntu > Restore Default Ubuntu Groups.

Restore Default Ubuntu Groups.

While this affected me on Ubuntu, I guess it’s possible that other Linux distros will also be affected. Though the incorrect use of usermod, I managed to screw up my groups configuration leaving me without sudo or su ability, which is obviously important on Ubuntu to make system configuration changes. Read on for the whole story of how I recovered, and restored correct groups again.

One of the libraries I’m using required me to be a member of the uucp group for it to work, so off I went and read the manpage of usermod so I could add myself to that group. Two shakes of a lambs tail later I had issued a:

sudo usermod -G uucp ccollins

This was quite effective at adding me to the uucp group, but had the unfortunate side effect of removing me from all the other groups I was a member of. To top it all off, not being a member of admin anymore, I could no longer use sudo or su, and was effectively unable to recover.

What I should have done, was issue usermod as:

sudo usermod -a -G uucp ccollins

This would have the effect of appending the group to my list, rather than replacing.

So, to recover I had to use the Ubuntu live CD. I booted Ubuntu from the live CD and when I logged in I was able to mount my root partition (/). Once this was done, I could manually edit the /etc/group file and add myself to the admin group. A quick reboot later and I was able to use sudo and su again, and add myself to all the other groups I’d lost.

sudo usermod -G ccollins,adm,uucp,dialout,cdrom, \
floppy,audio,dip,video,plugdev,scanner,netdev, \
lpadmin,powerdev,admin ccollins

sudo usermod -g ccollins ccollins

This restored my group memberships, and restored my initial group to ccollins. All I needed to do now, was log out and log in.

AddThis Social Bookmark Button

Categories: Linux, Open Source, Ubuntu
  1. August 2, 2007 at 18:42 | #1

    Woohoo. This was a lifesaver!

  2. Molgor
    January 15, 2008 at 6:37 | #2

    Thanx a lot!! It was difficult for me to remmeber what was the fu@%! problem. Later on I realized that I missunderstand the usermod shit just like you.
    Maybe the activation of the root login isn’t a bad idea after all.

    Aknowledges from México.

  3. Mahesh
    January 19, 2008 at 20:29 | #3

    Wow! Your quick little note was a life saver for me too.

    I was trying out some Ubuntu admin stuff and wrongly used the usermod command “exactly” like you did. But, I did so because the book I was referring to told me to do so!! (WTF!! I know!)

    Anyway, once that was done, I reboot the system into recovery mode (single user mode through Grub) and added a root passwd. So, then on I could use “su -” to become root, but, otherwise I felt pretty helpless since I couldn’t work with sudo.

    I am now going to restore my admin privileges as per your note and hopefully things will work well.

    Thanks for encountering the problem, finding the solution, and most improtantly posting it for public use. Great job.

  4. ghost
    January 26, 2008 at 14:27 | #4

    Dude, Duuuuuude!!! thanks alot man,this helped me alot, and i learned something new in the process. Thanks for sharing it ;)

  5. bartman
    February 20, 2008 at 21:29 | #5

    This is a complete lifesaver. A few things that would’ve saved me quite a bit of time:
    * if the user calling “$ sudo …” isn’t in the group admin, the command won’t execute but the user won’t be notified. You have to use $ su and log in as root.
    * the changes take effect as soon the user whose groups are changed logs in the next time. A reboot isn’t necessary!

  6. someone
    February 26, 2008 at 3:15 | #6

    thank you! I’ve done that mistake with usermod too!

  7. Jman
    March 15, 2008 at 15:19 | #7

    Another thanks over here… you fixed me!

  8. March 26, 2008 at 11:44 | #8

    you have no idea how much this just helped. Thank you so much!

  9. Nomad
    April 20, 2008 at 16:57 | #9

    Thanx. It’s the clearest explanation I’ve found.
    And it’s really helped

  10. July 6, 2008 at 23:56 | #10

    Wow! Thank you for this. I had completely forgotten and it was driving me nuts as the CLI kept spitting back error reports with Usage instructions…. of which were not very helpful. But this post was.

    A quick note at the risk of sounding pretentious, it’s best to experiment your system administration tasks on guest accounts or accounts that wouldn’t affect you if you messed them up. I’ve been toying with a bunch of advanced configuration lately, like everyone here… but when I do I make absolutely sure I’m playing with the guest account.

    Cheers

  11. ccollins
    July 7, 2008 at 8:18 | #11

    Hi Patrick,
    That’s true. When it comes to Linux and Unix type systems, it pays to be paranoid :-)

    -Chris

  12. ccollins
    July 15, 2008 at 20:06 | #12

    Jason over at Ubuntu Forums suggests an even easier fix for messed up groups. Reboot into the recovery console and execute “adduser YOUR_USERNAME_HERE admin”. That gets you back on the admin group, and allows you to recover your other groups also.

    Full post is here:
    http://ubuntuforums.org/showpost.php?p=4273283&postcount=2

  13. September 12, 2008 at 3:51 | #13

    Great tip, here. Thanks.

  14. September 12, 2008 at 3:52 | #14

    I should add that not having a “root” in Ubuntu really floored me. Fortunately, I have physical access to the machine, other wise my omission of the -a would have been a catastrophe.

    Live and learn.

  15. dirtycutmaster
    November 5, 2008 at 12:11 | #15

    Just to say as Oggle did – you don’t have any idea how much that helped me! Thanks a thousand times!

  16. Ricky
    November 12, 2008 at 20:10 | #16

    It saved my bacon, and it was EXACTLY the same thing, but my evil group was sbox.

    Thank you.

  17. Sektor
    November 17, 2008 at 7:22 | #17

    Same problem here, this article was a life saver. Perhaps the man pages should include some kind of warning, as this seems to happen a lot.

    Thanks.

  18. Nic
    December 15, 2008 at 12:09 | #18

    Many thanks – I messed up in exactly the same way. Very handy to have a list of default group memberships out there.

  19. ray
    February 7, 2009 at 12:46 | #19

    Unreal. U saved my life! I was studying for LPI and the text book told me to run the command: sudo usermod -G sales bob. Next time I booted up I couldn’t log in, system couldn’t find my home folder, I couldn’t access my home folder, all thiseven though I still owned it. Nightmare.

    I think I love you.

    lol

  20. r
    February 25, 2009 at 11:16 | #20

    If you don’t have a live CD your can edit the grub menu line : add “init=/bin/bash” and boot.
    You then have access to a bash terminal with no need for password or root right.
    You must remount your partition with write rights:
    mount -o remount,rw /
    then edit /etc/group to add sudo right to your user.
    reboot and you are done

  21. Thijs
    May 5, 2009 at 10:21 | #21

    Great!

  22. Allan Registos
    May 26, 2009 at 1:08 | #22

    There is a quick solution w/o having to boot from a live CD.
    But a requirement is that you must have an existing webmin installed. I don’t know that this will going to everyone but at least it works for me. The reason why I said this because I am currently logged at the webmin web interface. I don’t know if you can still log in at the webmin once you messed with your admin group.

    I am a user of Ubuntu for over a year but I still messed the admin group and still don’t know that the group is critical to the Ubuntu system. I deleted it via webmin, since I want to create a user admin for that purpose. Now when I go to the CLI to install software, the error says I am not belong to the sudoers file.

    The thing is I am currently logged at the webmin interface. I simply re-created the group admin. I put my username on that group and try to access the synaptic again without error. I can now use the CLI and install programs.

  23. Boris
    June 20, 2009 at 19:00 | #23

    Thanks a lot! Very helpful…

  24. August 9, 2009 at 3:01 | #24

    Thanks a lot!! It helped me too

  25. Jim McLaren
    October 9, 2009 at 8:13 | #25

    You don’t actually need to use a live CD. When grub starts, hit escape to bring up the boot menu, and select ‘recovery mode’. When in recovery mode, select the option to drop to a root prompt. Then type in the command:

    adduser <username> admin

    where <username> is the account you want to add to the admin group.

    Reboot, and you should be able to add yourself to other groups from a terminal on the desktop.

    • ccollins
      October 9, 2009 at 9:26 | #26

      Thanks Jim,
      The operations of the recovery console are not something I know a lot about. Thanks for the tip! You learn something new every day :-)

      -Chris

  1. December 20, 2007 at 7:01 | #1