Hello, I am having a serious security issue regarding Artix Linux. I downloaded and verified the ISO. After installing, I was preparing Artix for my use by installing apps. But after installing gcc to compile neovim, I was unable to install other packages and got restricted from using the sudo command and others. Please help. Looks like someone has remote access to my OS and I am unable to do stuff with the sudo command.
Note: No one has physical access to my laptop, and my account lost sudo access in my presence when I was almost done installing the needed packages.
In the screenshot I used the get command, so don't be confused: it is an alias which I added in the .bashrc file, so get = sudo pacman -S
get vim means sudo pacman -S vim
Did you try rebooting? 3 incorrect password attempts locks you out for 10 minutes.
The most likely problem here is wrong permissions on the sudo executable.
If you still have access to su and set up a root password, I'd try
su -c 'chmod 4711 /usr/bin/sudo'.
That ain't it, the error message for 3 incorrect passwords is "This account is locked (X minutes remaining)".
How the fuck
Question now is: "how the fuck was it broken?"
Please, stop messing around on Artix users' computers please
@capezotte
In the event of suspected remote access, it's simple and quick to physically turn off or disconnect the internet connection, for example by unplugging the ethernet cable or wifi adapter if it's an external one, flip the wifi off switch on a laptop if it has one, turn off the router, or power off the computer.
Hopefully not that though. You could try typing the password and see if it's coming out as you think, also perhaps try it in another tty (CTRL ALT F2 etc) as sudo seems to use the terminal keymap, not the graphic one.
I have your IP address: 127.0.0.1
...
@spellb I doubt this is a case of remote access but on a new install, with even the slightest of doubt about security, I suggest you just start the install again.
Change your alias
alias get="sudo pacman -Syu "
pacman -S is not a good practice.
https://wiki.archlinux.org/title/System_maintenance#Partial_upgrades_are_unsupported
The only possible doubt here is a user that doesn't know what he is doing. Who the fuck 'hacks' a computer to change sudo executable permissions?
There is definitely nothing wrong with pacman -S, it is pacman -Sy that can be harmful. The only risk with running pacman -S is to get some error 404 if the packages you want to install got updated since your last sync. (and the link you sent totally backs that)
This is not the case that I don't know what I am doing. I know what I am doing and these are my aliases ....
Any moment now a dev will be along to tell you why you shouldn't be using -Syyu
In 20 years as a desktop Linux user I think you are the only one I have seen using an alias like this. I concur with gripped that a fresh install is the best solution here.
You can get root access for recovery by chrooting in from an ISO on a USB or another partition if you want to try and fix things. Then you could do stuff like reset the password, reinstall things and so on. You could check logs in /var/log for signs of remote access, perhaps use clamav, chkrootkit, and rkhunter to scan the system to look for malware. Of course a reinstall is the best way to ensure there's nothing like that, but if you want to go that route then those are some ideas.
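The check behind the "wrong permissions on the sudo executable" diagnosis above, as an added example that is not part of any post in this thread: it reports whether a setuid-root binary has lost its setuid bit, changed owner, or become writable by others. The helper name check_setuid is hypothetical, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: audit a setuid-root binary such as /usr/bin/sudo.
# check_setuid is a hypothetical helper name, not part of sudo or pacman.
# Usage: check_setuid PATH [EXPECTED_UID]   (EXPECTED_UID defaults to 0, root)
# Returns 0 when PATH looks sane, 1 when a problem was found, 2 on error.
check_setuid() {
    path=$1
    want_uid=${2:-0}
    if [ ! -f "$path" ]; then
        echo "$path: not a regular file"
        return 2
    fi
    # GNU stat (assumed): %a = octal mode such as 4711, %u = numeric owner uid
    mode=$(stat -c '%a' "$path") || return 2
    uid=$(stat -c '%u' "$path") || return 2
    rc=0
    if [ "$uid" -ne "$want_uid" ]; then
        echo "$path: owned by uid $uid, expected $want_uid"
        rc=1
    fi
    # The leading 0 makes the shell read the mode as an octal number.
    if [ $(( 0$mode & 04000 )) -eq 0 ]; then
        echo "$path: mode $mode has no setuid bit, so it cannot switch to root"
        rc=1
    fi
    if [ $(( 0$mode & 0022 )) -ne 0 ]; then
        echo "$path: mode $mode is writable by group or others"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "$path: mode $mode, uid $uid: ok"
    return "$rc"
}

# Stand-alone run: inspect the sudo binary if this system has one.
if [ -e /usr/bin/sudo ]; then
    check_setuid /usr/bin/sudo ||
        echo "compare against the package database with: pacman -Qkk sudo"
fi
```

From a chroot off the install ISO, the same function can be pointed at the mounted system's copy of the binary.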