Sudo access to a single service – RHEL 7 / CentOS 7

Issue

You need to give only the apache / httpd restart permission to the developers via sudo.

Solution

• Add the below lines to /etc/sudoers

Cmnd_Alias WEBDEVS = /sbin/service httpd *
user1 ALL = NOPASSWD:WEBDEVS

• Now the user can run the below commands to any action (start / stop / restart etc) on httpd service.

sudo /sbin/service httpd restart

Eg:

[root@rhel7 ~]# su - user1
[user1@rhel7 ~]$ sudo /sbin/service httpd restart
Redirecting to /bin/systemctl restart  httpd.service

Jobin Joseph

nixhive.com/