For one specific user I want to be able to restart Apache. This user does have sudo privileges and I could run sudo /etc/init.d/apache2 reload, but I want to include this restart script in a git post-receive hook. So this would prompt for the password and fail. So the question is: what is the proper way to allow this user to restart apache, without requiring sudo? I want to restrict option to only restarting Apache, and only this particular user.
Add a comment
|
1 Answer
You should consider using sudo with the NOPASSWD config.
See man 5 sudoers
Ex:
Host_Alias LOCAL=192.168.0.1
user_foobar LOCAL=NOPASSWD: /etc/init.d/apache2
-
1You should consider
NOPASSWDextremely carefully, though.Shadur-don't-feed-the-AI– Shadur-don't-feed-the-AI2012-03-19 08:53:36 +00:00Commented Mar 19, 2012 at 8:53 -
Sure, don't use that for all commands. Never something like
LOCAL=NOPASSWD: /bin/bashGilles Quénot– Gilles Quénot2012-03-19 13:25:02 +00:00Commented Mar 19, 2012 at 13:25