Ubuntu – How to give nopasswd access to multiple commands via sudoers


Below is what I know:

I have to add this below line in sudoers file to give rights to the user for particular task.

user_name ALL=NOPASSWD: /usr/bin/apt-get install

In this case I want to give access to this user to restart 2 services (i.e. Apache and MySQL) with all install rights.

Using the above line, I have given him all install rights, now do I have to add same line two more times to give the rights for services? Or can I just add those commands in the same line, separated by comma or something?

Best Answer

I have solved the issue by creating a new group for limited admin rights... name of that group is LimitedAdmins after that I updated the sudoers file as below.

The line I appended is:

%LimitedAdmins ALL=NOPASSWD: /usr/bin/apt-get*, /etc/init.d/apache2 restart

This is the complete /etc/sudoers file:

# This file MUST be edited with the 'visudo' command as root.    
# Please consider adding local content in /etc/sudoers.d/ instead of directly modifying   his file.   
# See the man page for details on how to write a sudoers file.  
Defaults    env_reset

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL  

#includedir /etc/sudoers.d
%domain_name\\administrators ALL=(ALL) ALL
%LimitedAdmins ALL=NOPASSWD: /usr/bin/apt-get*, /etc/init.d/apache2 restart

It works perfectly fine in case if your system is domain or not.

Related Question