Please help: `sudo: /etc/sudo.conf is owned by uid 1000, should be 0`

When i first installed kde fedora linux 43 i enabled some alternate sources in software manager changing plasma kde to the workstation which i dont really like as much as plasma i tried changing it back using a guide like: Switching desktop environments :: Fedora Docs but it does not work and i get errors like
sudo: /etc/sudo.conf is owned by uid 1000, should be 0
sudo: /etc/sudo.conf is owned by uid 1000, should be 0
sudo: /etc/sudoers is owned by uid 1000, should be 0
sudo: error initializing audit plugin sudoers_audit

for my computer type its
Operating System: Fedora Linux 43
KDE Plasma Version: 6.5.3
KDE Frameworks Version: 6.20.0
Qt Version: 6.10.1
Kernel Version: 6.17.9-300.fc43.x86_64 (64-bit)
Graphics Platform: Wayland
Processors: 4 × Intel® Core™ i5-7300U CPU @ 2.60GHz
Memory: 36 GiB of RAM (35.1 GiB usable)
Graphics Processor: Intel® HD Graphics 620
Manufacturer: LENOVO
Product Name: 20L8S0AC00
System Version: ThinkPad T480s

Any help would be very useful

Is this issue not fixable at all? would i need to re install my os again?

Hi,

it seems your sudo configuration files are by your user account (uid 1000) instead of root (uid 0) for some reason. So to have root access you may try using ‘su’ and then changing the ownership of those files.

chown root:root /etc/sudo.conf /etc/sudoers /etc/sudoers.d
chmod 440 /etc/sudoers
chmod 644 /etc/sudo.conf

I’ve seen that for users who entered commands or ran scripts from the internet without understanding what the commands/scripts were doing. You may have many other files and directories with bad permissions. You could start by running ls -ln in the terminal to check for non-zero values in the 3rd or 4th column. Here, there are 2 non-zero 3rd column entries and both also have non-zero values for the 4th column. The awk program can used to check for non-zero values in a column:

% ls -ln /etc | awk '{if ($4 != 0)  print $0}'
total 1480
-rw-r-----. 1   0 984     33 Apr  9  2025 brlapi.key
drwxr-xr-x. 1 980 980      0 Sep  6 13:37 colord
drwxr-xr-x. 1   0   7    524 Dec  2 11:31 cups
drwxr-xr-x. 1 977 977      0 Sep  6 13:37 gnome-remote-desktop
drwxr-x---. 1   0 981     18 Oct 19 21:00 sssd

I have Fedora on 3 systems – all show the same pattern of non-zero values for the same files/directories, but some values differ.

To add just a tiny bit to what you posted, awk can be used to check both columns 3 & 4 at the same time.

$ ls -ln /etc | awk '{if ($3 != 0 || $4 != 0)  print $0}'
total 2432
-rw-r-----.  1   0 995     33 Apr 14  2024 brlapi.key
drwxr-xr-x.  2 986 984   4096 Jul 28  2024 colord
drwxr-xr-x.  4   0   7   4096 Dec  2 10:02 cups
drwxr-xr-x.  2 974 974   4096 Jul 28  2024 gnome-remote-desktop
drwx------.  2 971 971   4096 Jul 23 19:00 munge
drwxr-x---.  2   0  48   4096 Oct  9 10:36 phpMyAdmin
drwxr-x---.  4   0 959   4096 Oct 19 19:00 sssd

If I were to check column 3 only I would only get 3 lines of output.

Or, if you want to be really fancy, you could use the find command.

Edit: Nevermind. I see what I did wrong. You always have to use parenthesis. Without them, the -exec “attaches” to the last test.

$ su -c 'find /etc \( ! -uid 0 -o ! -gid 0 \) -exec ls -ld {} \;'
Password: 
drwxr-xr-x. 4 root lp 18 Nov 25 20:03 /etc/cups
-rw-------. 1 root lp 1106 Nov 25 20:03 /etc/cups/printers.conf
-rw-r--r--. 1 root lp 0 Nov 14 00:00 /etc/cups/lpoptions
-rw-------. 1 root lp 1106 Oct 14 15:01 /etc/cups/printers.conf.O
-rw-r-----. 1 root lp 2732 Nov 14 00:00 /etc/cups/cups-files.conf.default
-rw-r-----. 1 root lp 0 Nov 14 00:00 /etc/cups/subscriptions.conf
-rw-r-----. 1 root lp 109 Dec  4  2024 /etc/cups/classes.conf.O
-rw-r--r--. 1 root lp 301 Nov 14 00:00 /etc/cups/client.conf
-rw-r-----. 1 root lp 6787 Nov 14 00:00 /etc/cups/cupsd.conf
drwxr-xr-x. 2 root lp 5 Nov 14 00:00 /etc/cups/ppd
-rw-r-----. 1 root lp 14795 Dec  4  2024 /etc/cups/ppd/hpP1606.ppd.O
-rw-r-----. 1 root lp 14795 Apr 30  2025 /etc/cups/ppd/hpP1606.ppd
-rw-r-----. 1 root lp 166795 Sep  9  2024 /etc/cups/ppd/hpM554.ppd
-rw-------. 1 root lp 109 Jan  7  2025 /etc/cups/classes.conf
-rw-r-----. 1 root lp 142 Nov 14 00:00 /etc/cups/snmp.conf.default
-rw-r--r--. 1 root lp 142 Nov 14 00:00 /etc/cups/snmp.conf
drwx------. 2 root lp 3 Nov 14 00:00 /etc/cups/ssl
-rw-r-----. 1 root lp 6787 Nov 14 00:00 /etc/cups/cupsd.conf.default
-rw-r-----. 1 root lp 2732 Nov 14 00:00 /etc/cups/cups-files.conf
drwxr-x---. 4 root sssd 4 Oct 20 00:00 /etc/sssd
drwxr-x---. 2 root sssd 2 Oct 20 00:00 /etc/sssd/conf.d
drwxr-x---. 2 root sssd 2 Oct 20 00:00 /etc/sssd/pki
-rw-r-----. 1 root brlapi 33 Aug 22  2024 /etc/brlapi.key
drwxr-xr-x. 2 colord colord 2 Sep  9  2024 /etc/colord
drwxr-x---. 7 root polkitd 7 Jan 18  2025 /etc/polkit-1/localauthority
drwxr-x---. 2 root polkitd 3 Jun  6 00:00 /etc/polkit-1/rules.d

when i run that i receive:

otal 8
drwxr-xr-x. 1 1000 1000 20 Nov 30 18:02 Desktop
drwxr-xr-x. 1 1000 1000 0 Nov 30 18:02 Documents
drwxr-xr-x. 1 1000 1000 294 Nov 30 21:16 Downloads
drwxr-xr-x. 1 1000 1000 6 Dec 1 06:50 Games
drwxr-xr-x. 1 1000 1000 0 Nov 30 18:02 Music
drwxr-xr-x. 1 1000 1000 0 Nov 30 18:02 Pictures
-rw-r–r–. 1 1000 1000 7317 Oct 27 09:52 protonvpn-stable-release-1.0.3-1.noarch.rpm
drwxr-xr-x. 1 1000 1000 0 Nov 30 18:02 Public
drwx------. 1 1000 1000 50 Nov 30 19:57 snap
drwxr-xr-x. 1 1000 1000 0 Nov 30 18:02 Templates
drwxr-xr-x. 1 1000 1000 0 Nov 30 18:02 Videos

if i have to change these to zeros or something to switch back to the kde plasma desktop enviorment instead of workstation how would i do so?

I used this command but when trying to install things like switchdesktop like the tutorial said i still get the error
sudo: /etc/sudo.conf is owned by uid 1000, should be 0
sudo: /etc/sudo.conf is owned by uid 1000, should be 0
sudo: /etc/sudoers is owned by uid 1000, should be 0
sudo: error initializing audit plugin sudoers_audit

i also added sudo when entering your command to have it work

i tried to use the first command you put and swapped su for sudo due to it giving me authentication failures despite putting the right password adding sudo did not work for me

If sudo is broken and you do not have a password set for your root account so that su will work, you will probably have to boot from a Live image on a USB stick to fix your system. There are some instructions for setting your root account password from a Live image here:

After you reset the root password for your system and boot back into your normal system, su should work as an alternative to sudo. From there, you should be able to fix your config files and get the normal sudo command working again.

You have been shown how to identify the files that are owned by someone other than root, and the files that are expected to be in that category.
You also have been shown how to set a root password so you can fix the ownership of the files you initially identified as a problem with using sudo.

1. first set a root password following the procedure above by booting with a live media.
2. once the root password has been set so you can use the su command and you have rebooted, then change ownership of /etc/sudoers, /etc/sudo.conf and /etc/sudoers.d with the command su -c 'chown root:root /etc/sudoers /etc/sudo.conf /etc/sudoers.d'. This will require the new password you just set for root.

Once step 2 is completed you should be able to use sudo as you did before.

Finally please run the command
ls -ln /etc | awk '{if ($3 != 0 || $4 != 0) print $0}' and give us the results so we may assist with recovery from additional changes that may have been done to ownerships in /etc