Linux Ubuntu – Configure sudo to Work Without Password

linuxsudoUbuntu

I'm trying to configure sudo to allow all users to restart apache without having to enter a password.

Security concerns aside, why isn't this working?

I added the line to /etc/sudoers: %admin ALL=NOPASSWD: /usr/sbin/apache2ctl

$sudo -l
User aidan may run the following commands on this host:
    (root) NOPASSWD: /usr/sbin/apache2ctl
    (ALL) ALL

$sudo /usr/sbin/apache2ctl
[sudo] password for aidan:

Thanks for any help.

Best Answer

That should work fine assuming you put the %admin ALL=NOPASSWD: /usr/sbin/apache2ctl after the ALL rule and your goal is to have users of the admin group require a password for sudo for everything but the apache2ctl command.

What you probably want from what you said however is group of users that can start and stop apache, say apachestart. Then:

%apachestart ALL= NOPASSWD: /usr/sbin/apache2ctl

I think you might be able to make it truly everyone by replacing %apachestart with ALL, but I would recommend that even less.

Related Solutions

Centos – Problems restarting apache via PHP (even with sudo)

In the sudoers file (use visudo), below the extant defaults line, add:

defaults:www !requiretty

Actually, are you sure it's running as the "www" user? The default for CentOS is "apache". A little script to try:

<?php print system("whoami");?>

If it's not "www", just replace the "www" bit in sudoers, above.

Ssh – How to use sudo with WinSCP and ProFTPd

If you already have ssh/scp/sftp access via SSH-2.0-OpenSSH_5.3, you don't need to try setting up another daemon.

Best Answer

Related Solutions

Centos – Problems restarting apache via PHP (even with sudo)

Ssh – How to use sudo with WinSCP and ProFTPd

Related Topic