Linux: how to give a user permission to restart apache?

apache-2.2 ubuntu permissions
95,502

Solution 1

Short answer:

Using visudo, add the following to your sudoers file, replacing username with the proper username:

username ALL = /etc/init.d/apache2

If you want to not have to type in a password before you do this, use the following:

username ALL = NOPASSWD: /etc/init.d/apache2

After this, the 'username' user can execute sudo /etc/init.d/apache2 start (or stop, restart,etc)

Long answer: You'll likely want to setup a separate user for this if you haven't already, and then configure the /etc/sudoers file to allow a user or group to execute the command you want.

For example, to allow the user 'ben' to execute all commands as root prompting for a password, you would do the following:

ben ALL= ALL

To allow 'ben' to execute only one command (like say, rm), you would do the following:

ben ALL= /bin/rm

If you are running a script as a user and don't want to prompt for a password, you'll want to use the 'NOPASSWD' option like so:

ben ALL=NOPASSWD: /bin/commandname options

You can do the same thing for groups by prefixing group names with a percentage sign, like so:

%supportstaff          ALL= NOPASSWD: /bin/commandname

Solution 2

Short answer: sudo.

The call would look similar to the following: sudo /etc/init.d/apache2 restart

Easiest is to use visudo to set up the /etc/sudoers file. See man sudoers and man visudo for details.

Share:
95,502

Related videos on Youtube

Charlie Gorichanaz
Author by

Charlie Gorichanaz

Updated on September 17, 2022

Comments

  • Charlie Gorichanaz
    Charlie Gorichanaz almost 2 years

    I have a script running under a non-root user which, under certain conditions, should restart apache httpd.

    What would be the simplest way for me to allow the user to do that?

    I'm using Ubuntu Server 8.04 LTS.

  • Matt Fletcher
    Matt Fletcher over 9 years
    OP said about doing it through a script- the script won't be able to enter a password so this answer won't make any sense.
  • ThorSummoner
    ThorSummoner over 8 years
    Can username be restricted to a subset of parameters? Say start restart but not stop?
  • ThorSummoner
    ThorSummoner over 8 years
    the visudo command does safety checks on your edits so you don't break the sudo/su command by accident: unix.stackexchange.com/a/27595/61349
  • Robin Kanters
    Robin Kanters almost 7 years
    @MattFletcher unless you use NOPASSWD

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How can I set the default permissions for files uploaded by apache2?
How to give the Apache group write access to log files, and an FTP user read-only access
Javascript 404 not found, but PHP and CSS loading
WSGI says "permissions denied" on my Ubuntu server, no WSGISocketPrefix setting works
fopen: failed to open stream: Permission denied on directory with 755
ubuntu amp Forbidden
Symfony permission denied
Crontab Permission Denied
Unable to run compiled files - bash: ./a.out: Permission denied. (I've tried chmod)
Authentication Required for everything I do in Ubuntu 19.10