-
-
Save pranaysonisoft/c2473fe01963dd2052ac1a22fdb43196 to your computer and use it in GitHub Desktop.
Restart / Reload Nginx without Entering Sudo Password
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Enter this command to create a sudoers override/include file: | |
| # sudo visudo -f /etc/sudoers.d/nginx.overrides | |
| # (Make sure you actually have this in your /etc/sudoers - Run `sudo visudo` to check) | |
| # #includedir /etc/sudoers.d | |
| # This file assumes your deployment user is `deploy` | |
| # Nginx Commands | |
| Cmnd_Alias NGINX_RESTART = /usr/sbin/service nginx restart | |
| Cmnd_Alias NGINX_RELOAD = /usr/sbin/service nginx reload | |
| # No-Password Commands | |
| deploy ALL=NOPASSWD: NGINX_RESTART, NGINX_RELOAD |
if error like this , if you set a wrong on sudoers file then
$ sudo visudo
/etc/sudoers: syntax error near line 28 <<<
sudo: parse error in /etc/sudoers near line 28
sudo: no valid sudoers sources found, quitting
https://askubuntu.com/questions/73864/how-to-modify-an-invalid-etc-sudoers-file
pkexec visudo
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Main Stack link https://stackoverflow.com/questions/3011067/restart-nginx-without-sudo
There is a better answer on Stack Overflow that does not involve writing a custom script:
The best practice is to use /etc/sudoers.d/myuser
The /etc/sudoers.d/ folder can contain multiple files that allow users to call stuff using sudo without being root.
The file usually contains a user and a list of commands that the user can run without having to specify a password.
Instructions:
In all commands, replace myuser with the name of your user that you want to use to restart nginx without sudo.
Open sudoers file for your user:
$ sudo visudo -f /etc/sudoers.d/myuser
Editor will open. There you paste the following line. This will allow that user to run nginx start, restart, and stop:
myusername ALL=(ALL) NOPASSWD: /usr/sbin/service nginx start,/usr/sbin/service nginx stop,/usr/sbin/service nginx restart,/usr/sbin/service nginx reload
Save by hitting ctrl+o. It will ask where you want to save, simply press enter to confirm the default. Then exit out of the editor with ctrl+x.
Now you can restart (and start and stop) nginx without password. Let's try it.
Open new session (otherwise, you might simply not be asked for your sudo password because it has not timed out):
$ ssh myusername@myserver
Stop nginx
$ sudo /usr/sbin/service nginx stop
Confirm that nginx has stopped by checking your website or running ps aux | grep nginx
Start nginx
$ sudo /usr/sbin/service nginx start
Confirm that nginx has started by checking your website or running ps aux | grep nginx