[sudo-users] best way to user sudo for a long running back group process

Davis Roman davis.roman84 at gmail.com
Fri Mar 16 15:47:51 MDT 2018


I have a daemon called powermanager running as the non-root user, power.

In /etc/sudoers.d/power, I have the following:

I know that the above statement essentially gives the powermanager
process root priveleges
however, in the future, I'd like to have the option to enforce that
certain commands/files not be used.
My understanding is that the sudoers file would be the place to place
these rules.
( ie: disable ability to open file /dev/foobar )

Therefore on startup, I configured my systemd unit file to run as the
power user however I'm trying to figure out which is best:

1. launch this process as 'sudo powermanager'


2.  launch my process as just 'powermanager' and let the process deal
with invoking sudo when it needs to open files in /dev/

Any feedback would be greatly appreciated.

Thank you,


More information about the sudo-users mailing list