Using ubuntu 16.04LTS
I am trying to allow a guest user who does not have sudo powers to reload nginx whenever they need to by executing a simple script:
#!/bin/sh
nginx -s reload
which has permissions -r-xr-xr-x
and allowing them to do that with adding a line in the sudoers file:
root ALL=(ALL:ALL) ALL
guest ALL=NOPASSWD: /path/to/script.sh
This still gives permission denied errors.
nginx: [alert] could not open error log file: open() "/usr/local/nginx/logs/error.log" failed (13: Permission denied)
I don't want to give my guest users sudo permissions, but in order to reload nginx I usually need to use sudo nginx -s reload
Edit: Solved my issue - I was overthinking the problem by trying to run the commands my guest users needed via a script. Also not really getting how /etc/sudoers worked. This video helped a lot: https://www.youtube.com/watch?v=YSSIm0g00m4
As root I made a sudoers.d file, visudo -f /etc/sudoers.d/guests, to correctly give my guests sudo powers over nginx and nginx alone:
Cmnd_Alias NGINX = /usr/local/nginx/sbin/nginx
Cmnd_Alias GUESTS_CMND = NGINX
%guests ALL=GUESTS_CMND
As in my edit - I was overthinking the problem by trying to run the commands my guest users needed via a script. Also not really getting how /etc/sudoers worked. This video helped a lot: https://www.youtube.com/watch?v=YSSIm0g00m4
As root I made a sudoers.d file,
visudo -f /etc/sudoers.d/guests, to correctly give my guests sudo powers over nginx and nginx alone: