Sudo access to a single service – RHEL 7 / CentOS 7

24. January 2016 SysAdmin 0
Sudo access to a single service – RHEL 7 / CentOS 7

Issue

You need to give only the apache / httpd restart permission to the developers via sudo.

Solution

  • Add the below lines to /etc/sudoers

Cmnd_Alias WEBDEVS = /sbin/service httpd *
user1 ALL = NOPASSWD:WEBDEVS

  • Now the user can run the below commands to any action (start / stop / restart etc) on httpd service.

sudo /sbin/service httpd restart

Eg:

[[email protected] ~]# su - user1
[[email protected] ~]$ sudo /sbin/service httpd restart
Redirecting to /bin/systemctl restart  httpd.service


Leave a Reply

Your email address will not be published. Required fields are marked *