Xavier NX - lost sudo by usermod withou -a recovery

Hi, I’m using Xavier NX devkit with Jetpack 4.6.2 and wanted to add myself to dialout group but I just used:

usermod -G dialout

and didn’t expect any betrayal, but I removed myself from all other groups by omitting -a.

I found how to do it https://askubuntu.com/questions/59364/i-accidentally-removed-myself-from-sudoers-how-can-i-fix-this but I need to access UEFI to get to Ubuntu recovery mode?

I’ve read somewhere that because of boot order on Jetson, I cannot access it with keyboard and need to use uart. Same question was asked here https://forums.developer.nvidia.com/t/jetbot-lost-sudoer/76102, but with classic reply just reflash

Is there a way to do it? I already hooked up an Arduino to Xavier uart and can read boot log. The only thing something happens is when I press key at:

[0002.348] I> Load in CBoot Boot Options partition and parse it
[0002.349] E> Error -9 when finding node with path /boot-configuration
[0002.352] E> tegrabl_cbo_parse_info: "boot-configuration" not found in CBO file.
[0002.359] I> Using default boot order
[0002.362] I> boot-dev-order :-
[0002.365] I> 1.sd
[0002.367] I> 2.usb
[0002.369] I> 3.nvme
[0002.371] I> 4.emmc
[0002.373] I> 5.net
[0002.375] I> Hit any key to stop autoboot:	4	3	2Sending: e

TEGRA194 #

And then still keyboard is unresponsive and on monitor is “BOOTLOADER SHELL MODE”.

How can I get to Ubuntu recovery mode so I can add myself to all groups that I was before?

UEFI won’t do what you want on an embedded system such as a Jetson (and you’d only have UEFI if you were using JetPack/SDKM 5.x+). What you need to do is clone the rootfs, fix any related file (probably the “/etc” files “group”, “group-”, “gshadow”, and “gshadow-”, but I’m not certain) on the clone, and then flash the clone back. This takes a lot of host PC disk space and time. Do you really need everything? If not, then just flashing is faster. However, I’ll assume you need what is there.

You need a lot of spare disk space (probably up to double the size of the rootfs partition) on the host PC. Then, with the NX in recovery mode and using the same release of JetPack/SDKM which flashed the Jetson originally (well, actually clone won’t care, but restore will in most cases require a match if you flash anything other than rootfs…better safe than sorry, so try to use the original JetPack/SDKM release), you can clone like this (I am assuming eMMC since if this is on an SD card you can just fix the SD card without clone):
sudo ./flash.sh -r -k APP -G my_backup.img jetson-xavier-nx-devkit-emmc mmcblk0p1

The above creates both a “raw” clone (“my_backup.img.raw”) and a “sparse” clone (“my_backup.img”). Only the raw image can be loopback mounted and edited. Either image can flash, but the raw image is slower. Since you can’t edit the sparse image I’d just delete it and save many GB of space.

You can loopback mount the raw image:
sudo mount -o loop ./my_backup.img.raw /mnt

Then go to “/mnt” and the whole Jetson eMMC is now there for edit. You can experiment with fixing the group membership. FYI, the original “Linux_for_Tegra/rootfs/etc/” would probably be correct unless you’ve made other group membership changes. Then cd out of “/mnt” and “sudo umount /mnt”.

If you copy this file, “my_backup.img.raw”, to “Linux_for_Tegra/bootloader/system.img”, you can then flash using that:
sudo ./flash.sh -r jetson-xavier-nx-devkit-emmc mmcblk0p1

Technically I think you can skip flashing anything except the rootfs/APP partition:
sudo ./flash.sh -r -k APP jetson-xavier-nx-devkit-emmc mmcblk0p1
(in which case you wouldn’t need a matching JetPack/SDKM release since it would flash only rootfs, and your rootfs you just edited matches the original content, but I usually suggest flashing the other content as well using a matching release)

1 Like

I was booting from 1TB NVMe. In the end, I just bought an external M.2 case to USB and edited /etc/group and /etc/gshadow to look like my other jetson machine.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.