With sysvinit, a sudoers entry like this would suffice:
%webteam cms051=/sbin/service httpd *
This would allow for commands such as:
sudo service httpd statussudo service httpd restart
Now, with systemd, the service name is the final argument. I.e., the service restart would be done with:
systemctl restart httpd.service
Naturally, I thought defining the command as systemctl * httpd.service would work but that would allow something like systemctl restart puppet.service httpd.service which is not the desired effect.
With that being considered, what would be the best way allow non-root users to control a system.d service then? This doesn't need to be sudoers; perhaps a file permission change may be sufficient?
Aucun commentaire:
Enregistrer un commentaire