{"id":663,"date":"2010-05-13T11:19:00","date_gmt":"2010-05-13T05:49:00","guid":{"rendered":"http:\/\/www.tothenew.com\/blog\/?p=663"},"modified":"2010-06-09T15:25:07","modified_gmt":"2010-06-09T09:55:07","slug":"how-to-allow-non-root-user-to-startstop-apache-process-on-a-nix-server","status":"publish","type":"post","link":"https:\/\/www.tothenew.com\/blog\/how-to-allow-non-root-user-to-startstop-apache-process-on-a-nix-server\/","title":{"rendered":"How to allow non-root user to start\/stop Apache process on a *nix server"},"content":{"rendered":"

Recently, I had to write a script to deploy a Grails application on a cluster of 7 servers without prompting for any kind of passwords. The load balancer was configured so as NOT to direct any request to the node, if the Apache process is not running on the server.<\/p>\n

So, my script to do the deployment on all the servers one by one is very simple — (a) stop Apache (b) deploy new version of the app on Tomcat using deploy.sh script lying on the server (c)\u00a0 start Apache<\/p>\n

\r\nSERVER_IPS=\"10.20.30.40 10.20.30.41 10.20.30.42\"\r\nfor i in `echo $SERVER_IPS`\r\ndo\r\n     echo \"Deploying on Web Host $i\"\r\n     ssh applicationUser@$i \"cd; apache2ctl stop; .\/deploy.sh; sleep 30; apache2ctl start\"\r\ndone\r\n<\/pre>\n
The only hiccup is that the applicationUser does not have rights to start\/stop Apache.\u00a0 After looking around for a while, I came to know about setuid<\/a><\/strong> which allow users to run an executable with the permissions of the executable’s owner or group.<\/p>\n
So, all I had to do in order to allow\u00a0 applicationUser to bounce apache process is :<\/p>\n
sudo u+s \/usr\/sbin\/apache2\r\nsudo u+s \/usr\/sbin\/apache2ctl\r\n<\/pre>\n
I also had to set the trusted relationship between the production servers and my machine in order to allow password-less SSH login.<\/p>\n
After I did the above steps, I could deploy my application to all nodes in the cluster with a single command.<\/p>\n
-Deepak<\/p>\n","protected":false},"excerpt":{"rendered":"
Recently, I had to write a script to deploy a Grails application on a cluster of 7 servers without prompting for any kind of passwords. The load balancer was configured so as NOT to direct any request to the node, if the Apache process is not running on the server. So, my script to do […]<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":10},"categories":[1],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/663"}],"collection":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/comments?post=663"}],"version-history":[{"count":0,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/663\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/media?parent=663"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/categories?post=663"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/tags?post=663"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}