LinuxQuestions.org


mf370 06-01-2017 07:31 AM

Permissions to execute commands as another user
 
I installed a program named IntelMQ; here are all the steps that I took to install it on CentOS 7: https://github.com/certtools/intelmq/issues/981. During the installation two users are created: intelmq and apache.
The user apache is part of the GUI of the IntelMQ program and it has to execute commands as the user intelmq.
Basically, I can start the IntelMQ bots on the GUI, however I can't stop them. It is probably due to permission problems.

In the command line if I try to execute this command as the user apache it returns this:

Command:
Code:

sudo -u apache sudo -u intelmq /usr/bin/intelmqctl --type json stop abusech-domain-parser

Output:
Code:

Sorry, user apache is not allowed to execute '/bin/sudo -u intelmq /usr/bin/intelmqctl --type json stop abusech-domain-parser' as apache on localhost.localdomain

I'm very new to CentOS.

pan64 06-01-2017 07:53 AM

I do not really understand why you need double sudo.
Probably it can work without sudo -u apache too.
Also it is not related to CentOS at all.
I do not really know which user is allowed to execute /usr/bin/intelmqctl.
Finally, I think you need to configure the sudoers file; see visudo.

mf370 06-01-2017 09:12 AM

I already configured the sudoers file through visudo and that didn't solve my problem. I know this issue is not 100% related to CentOS, but on the IntelMQ GitHub they weren't able to help me, because they are not familiar with this OS.

Turbocapitalist 06-01-2017 10:09 AM

It's still not an OS issue but one of configuring /etc/sudoers properly. Why does it have to be just the account "apache" that should be able to launch /usr/bin/intelmqctl as the account "intelmq"?

Can you show what line you added to /etc/sudoers?

mf370 06-01-2017 10:16 AM

The user apache gives access to the web interface of intelmq, and to execute any commands in the web interface, apache needs to run them as the user intelmq.

I added this line to the sudoers file: apache ALL=(intelmq) NOPASSWD: /usr/bin/intelmqctl

Is there a possibility that maybe my sudo is broken, and maybe that's why I can't execute the commands?

I'm really sorry to bother you guys with a subject that is not 100% related to the OS, but I don't know anywhere else to ask for help.

Turbocapitalist 06-01-2017 10:37 AM

Quote:

Originally Posted by mf370 (Post 5717884)
I added this line to the sudoers file: apache ALL=(intelmq) NOPASSWD: /usr/bin/intelmqctl

Close. If it is "apache" that you will have run sudo, then /etc/sudoers needs to be set to allow that. However, be very precise with the options:

Code:

apache ALL=(intelmq:intelmq) NOPASSWD: /usr/bin/sudo -u intelmq /usr/bin/intelmqctl --type json stop abusech-domain-parser

See either of the following to get up to speed on configuring sudo

mf370 06-01-2017 10:48 AM

Quote:

apache ALL=(intelmq:intelmq) NOPASSWD: /usr/bin/sudo -u intelmq /usr/bin/intelmqctl --type json stop abusech-domain-parser

This line in the /etc/sudoers raises a JSON error in IntelMQ's web interface...

Anyway, thank you very much for your help. I will try to talk again with the IntelMQ team, because this is something related to the program and not the OS itself.

Once again, thank you!

Turbocapitalist 06-01-2017 10:57 AM

Quote:

Originally Posted by mf370 (Post 5717894)
This line in the /etc/sudoers raises a JSON error in IntelMQ's web interface...

Does it work manually from the shell?

Quote:

Originally Posted by mf370 (Post 5717894)
Anyway, thank you very much for your help. I will try to talk again with the IntelMQ team, because this is something related to the program and not the OS itself.

Once again, thank you!

There's a server subforum here. I think that's what was being referred to.

mf370 06-01-2017 11:01 AM

Yes, it does work from the shell.

Quote:

There's a server subforum here. I think that's what was being referred to.

Alright, I'll take a look at that subforum, thank you!

pan64 06-01-2017 11:28 AM

So it works from the shell. That means it is an issue with this sudoers, not with the application. /etc/sudoers itself cannot raise any JSON error.
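
Added example, not part of any post in this thread: a script that renders exact-match sudoers rules for the single-sudo call `sudo -u intelmq /usr/bin/intelmqctl --type json stop <bot>` made by apache, syntax-checks them with `visudo -cf`, and installs them as a drop-in. The drop-in path, the function names, the bot-id alphabet and the inclusion of the `start` action are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. DROPIN and the function names are
# hypothetical; the intelmqctl path and "--type json" come from the posts.
INTELMQCTL=/usr/bin/intelmqctl
DROPIN=/etc/sudoers.d/intelmq-apache

# Print one exact-match rule per bot and action. No wildcards: sudoers
# matches arguments as one string, so "*" would also match extra arguments.
render_rule() {
    for bot in "$@"; do
        # Assumed bot-id alphabet; refuse anything that could alter the rule.
        case "$bot" in ''|*[!A-Za-z0-9-]*) return 1 ;; esac
    done
    for bot in "$@"; do
        for action in start stop; do
            printf 'apache ALL=(intelmq) NOPASSWD: %s --type json %s %s\n' \
                "$INTELMQCTL" "$action" "$bot"
        done
    done
}

# Syntax-check a candidate file: 0 valid, 1 invalid, 2 visudo missing.
check_rule() {
    command -v visudo >/dev/null 2>&1 || return 2
    visudo -cf "$1" >/dev/null 2>&1 || return 1
}

# Run as root: render, validate, then install with the mode sudo expects.
install_rule() {
    tmp=$(mktemp) || return 1
    render_rule "$@" > "$tmp" && check_rule "$tmp" &&
        install -o root -g root -m 0440 "$tmp" "$DROPIN"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Nothing happens unless called as: script install BOT_ID...
if [ "${1:-}" = install ]; then
    shift
    install_rule "$@" && sudo -l -U apache   # list apache's resulting rules
fi
```

Validating the candidate file before it reaches /etc/sudoers.d matters because a syntax error in any included file can leave sudo unusable for every account.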

