This document provides information on how to execute the systemctl binary to start or stop services with sudo rules.
Since the systemctl binary requires root permissions to perform some actions, it is necessary to use the Sudo Rules feature to address this requirement.
- In the Segura® Platform, in the navigation bar, hover over the Products menu and select EPM.
- In the side menu, select Policies > Linux > Sudo Rules.
- In the Rules for sudo report, click Add and select General or Device.
- In the Registration rules for sudo screen, enter the following information:
- In the Identification name * field, enter a name to identify the rule.
- In the Enabled * field, select Yes to enable the rule.
- In the Commands for rule application (must be used the full path) * field, enter the following command:
/usr/bin/systemctl action service_binary_name. For example:/usr/bin/systemctl restart nginx. - In the It should be NOPASSWD? * field, select to ask or not the user to enter their password.
- In the Should it be FOLLOW? * field, select to be able to edit symbolic links.
- In the Should it be SETENV? * field, select to be able to set system parameters.
- Optional: In the Description field, enter a brief description of the rule.
- Optional: If you want to apply the sudo rules for devices, configure the Devices tab properly.
- Click Save.