Linux: Setting up a non-sudoer user to run certain commands with sudo

How to give a non-sudoer user the ability to run certain commands as root. Example a Web admin who needs the ability to restart or reload the web server service but wont be able to run any other commands as root.

Run:

sudo visudo -f /etc/sudoers.d/<name_of_file_you_want>

the -f switch is to create/specify a new sudoers file/location

From the example:

1

This will make a new file in the “/etc/sudoers.d” directory that you can add alias command groups that who ever you add to the group can run it as root

In the file the syntax is:

Cmnd_Alias <alias_name> = <full path of command> <command option> <argument>

<username> ALL=<alias_name>

You can specify multiple commands just separate them by a comma.

From the example:

Screenshot_20190709_121132

Then save the file (esc   ->   :wq)

Now the user you added will be able to run that alias you specified as root and that is the only one they can run unless you add more. So from the example the user “gfreeman” can now run

“sudo systemctl restart httpd.service”

and

“sudo systemctl reload httpd.service”

 

 

 

 

Example learned from a lab at linuxacademy.com, in which i have rewritten from memory. (Or did but double checked myself.)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s