Ubuntu – ‘sudo echo “bla” >> /etc/sysctl.conf’ Permission Denied

amazon ec2sshsudoUbuntu

Disclaimer: I'm pretty novice at sysadmin stuff.

I'm trying to set up port forwarding in an AWS EC2 instance, this has to be done in the command-line because I don't want to go in and edit anything, it has to be automatic (it's part of a build process).

sudo echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

Permission denied

The weird thing is I've been (successfully) using sudo for pretty much every command that required su privileges. If I do sudo su before the command (trying it out by hand in an ssh session), then it works.

Reasons behind this? Possible solutions that don't involve sudo su or manual edits?

Best Answer

You can't use sudo to affect output redirection; > and >> (and, for completeness, <) are effected with the privilege of the calling user, because redirection is done by the calling shell, not the called subprocess.

Either do

cp /etc/sysctl.conf /tmp/
echo "net.ipv4.ip_forward = 1" >> /tmp/sysctl.conf
sudo cp /tmp/sysctl.conf /etc/

sudo /bin/su -c "echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf"

Related Solutions

Linux SSH – Permission Denied (publickey) from Ubuntu to Amazon EC2

The first thing to do in this situation is to use the -v option to ssh, so you can see what types of authentication is tried and what the result is. Does that help enlighten the situation?

In your update to your question, you mention "on another local Ubuntu". Have you copied over the ssh private key to the other machine?

Ubuntu – Permission Denied for User with Sudo Privileges

Could you run

sudo -s
id

And post the output? I want to see if it's actually making you the user you think.

Also, try

sudo cat /etc/sudoers

The output of id here is quite enlightening. When you ran sudo -s, you were given a UID of 1, while the only UID that the kernel will recognize as having root privileges is UID 0.

Try running

getent passwd | grep ':0:'

and see if any entries have that 0 in their first numeric field, the UID. Whatever account that is is the real superuser on the system, while root is a fake. Once you know the name, you can try

sudo -s -u username

to get a shell as that user.

You should also post the output of

getent passwd root

The bigger issue here is how such a condition came to pass.

Is this machine offering any network services? If so, someone may have broken into it and taken it over. In that case, you should probably back up the data, do a clean re-install, and audit anything that goes back on it.

If it's more of a personal machine, might there be a knowledgeable prankster who's had access to it recently?

Edit: your comment to another answer suggests that this is a server. I would highly recommend taking it offline ASAP and imaging its disks for forensic purposes. Unless you can identify a benign cause for this in short order, you've probably had your server cracked.

Best Answer

Related Solutions

Linux SSH – Permission Denied (publickey) from Ubuntu to Amazon EC2

Ubuntu – Permission Denied for User with Sudo Privileges

Related Topic