2

I want to run monit as another user on Ubuntu 16.04, but it keeps prompting for a password. Seems policykit is new on Ubuntu 16.04. How could I put this service into the ignore authentication list?

My goal is that user1 would be able to run service monit start and service monit stop without getting a prompt for password.

Running it as root is not an option

user1@serverabc.uk:~$ service monit start
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to start 'monit.service'.
Authenticating as: root
Password: 

polkit-agent-helper-1: pam_authenticate failed: Authentication failure
==== AUTHENTICATION FAILED ===
Failed to start monit.service: Access denied
See system logs and 'systemctl status monit.service' for details.
user1@serverabc.uk:~$ 
user1@serverabc.uk:~$ systemctl status monit.service 
* monit.service - LSB: service and resource monitoring daemon
   Loaded: loaded (/etc/init.d/monit; bad; vendor preset: enabled)
   Active: active (exited) since Fri 2017-06-30 11:30:51 GMT; 6h ago
     Docs: man:systemd-sysv-generator(8)

Loaded: loaded (/etc/init.d/monit; bad; vendor preset: enabled) <- this line showing it's using init.d old file instead of new type of service file, so I can't just edit service file and point it to specific user.

Zanna
  • 70,465
Thomas G. Lau
  • 233

1 Answers1

3

I found the solution!

Add a file, /etc/polkit-1/localauthority/50-local.d/monit.pkla with these contents

[monit service]
Identity=unix-user:user1
Action=org.freedesktop.systemd1.manage-units
ResultAny=yes
ResultInactive=yes
ResultActive=yes

Now user1 can start monit without problems

Zanna
  • 70,465
Thomas G. Lau
  • 233