SYSTEM: CentOS release 6.2 (Final)
I am attempting to allow only users of a certain group lets call it websupport access to restart 2 services: mysqld and httpd
EDIT: I do not want to give these users sudo access
I have added these lines to /etc/sudoers:
%websupport ALL=NOPASSWD:/etc/init.d/httpd
and
%websupport ALL=NOPASSWD:/etc/init.d/mysqld
When logged in as the user and attempting to run:
/etc/init.d/httpd restart
I get this result:
rm: cannot remove '/var/run/httpd/httpd.pid': Permission Denied [FAILED]
rm: cannot remove '/var/lock/subsys/httpd' : Permission Denied
rm: cannot remove '/var/run/httpd/httpd.pid' : Permission Denied
Starting httpd: httpd: apr_sockaddr_info_get() failed for wssapache
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
(13)Permission denied: make_sock: could not bind to address [::]:80
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs [FAILED]
When attempting to run:
/etc/init.d/mysqld restart
I get this result:
cat: /var/run/mysqld/mysqld.pid: Permission denied
Stopping mysqld: [FAILED]
Starting mysqld: [ OK ]
Best Answer
The entries in your sudoers look ok. What you need to so is use sudo to run the command e.g.
and
You can combine the entries in sudoers too