Impulse The Fox

Asked: 2019-04-29 21:57:35 +0800 CST2019-04-29 21:57:35 +0800 CST 2019-04-29 21:57:35 +0800 CST

Is it safe to permit using sudo to application-created users?

I have a jenkins setup on my server that has automatically created the jenkins user, which is used for its os-operations. However, I need Jenkins to stop and start a service (via systemctl) after a specific build has been completed.

My current script (that gets executed after a build of myapp) looks like this:

sudo systemctl stop myapp
rm -f /opt/myapp/myapp.jar
mv target/myapp.jar /opt/myapp
sudo systemctl start myapp

To make this work, I simply added the jenkins user to the sudoers file for all commands without password prompt:

jenkins ALL=(ALL:ALL) NOPASSWD: ALL

Is it safe to do this? What vulnerabilities do I expose myself to? Is there a better way to do this? If yes, how?

Is it safe to permit using sudo to application-created users?

How to install Google Chrome

Is there a command to list all users? Also to add, delete, modify users, in the terminal?

How to delete a non-empty directory in Terminal?

How to unzip a zip file from the Terminal?

How can I copy the contents of a folder to another folder in a different directory using terminal?

How do I install a .deb file via the command line?

How do I run .sh scripts?

How do I install a .tar.gz (or .tar.bz2) file?

How to list all installed packages

Unable to lock the administration directory (/var/lib/dpkg/) is another process using it?

Is it safe to permit using sudo to application-created users?

0 Answers