Created
June 27, 2015 20:31
-
-
Save sheharyarn/f3d98e8cc859f092532b to your computer and use it in GitHub Desktop.
Restart / Reload Nginx without Entering Sudo Password
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Enter this command to create a sudoers override/include file: | |
| # sudo visudo -f /etc/sudoers.d/nginx.overrides | |
| # (Make sure you actually have this in your /etc/sudoers - Run `sudo visudo` to check) | |
| # #includedir /etc/sudoers.d | |
| # This file assumes your deployment user is `deploy` | |
| # Nginx Commands | |
| Cmnd_Alias NGINX_RESTART = /usr/sbin/service nginx restart | |
| Cmnd_Alias NGINX_RELOAD = /usr/sbin/service nginx reload | |
| # No-Password Commands | |
| deploy ALL=NOPASSWD: NGINX_RESTART, NGINX_RELOAD |
In addition, here is a more generic version of the file that you may wish to use instead:
deploy ALL=(ALL:ALL) NOPASSWD: /usr/sbin/service nginx *
It never said how to run this.
I spent 1 hour to understand that you need explicitly specify sudo command even if you added user to sudoers.
/usr/sbin/service nginx reload => will prompt to enter password
sudo /usr/sbin/service nginx reload => will reload nginx without any password prompt
this should be run only after nginx overrides file created.
It's the best configuration, it took me a little while to find something that works, but that's exactly what I needed. Thank you very much, and thank you also for the capistrano task ;-)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Note that, at least on my system (Ubuntu 16.04), this filename cannot contain a
.character!! From the sudoers manual:In other words, you can instead run a command such as
sudo visudo -f /etc/sudoers.d/nginx_overridesto generate this file.