How can I activate sudo without a password for the apache2 service?

Problem: I do not see how to enable the use of the service apache2 with sudo without password. I can enable it for all user commands, but as this seems like a bad idea, I only want to activate some commands.

Context: I'm trying to configure a streaming distribution / deployment system, and in this context, I let Ansible execute some commands on the target computers. Some of these commands unfortunately require sudo and I have to remove the corresponding password prompt. Ideally, all permissions in this process work with saved keys instead of passwords.

configs:
(Machine names have been replaced with placeholder values.)

Machine target.example.com under Ubuntu 18.04 LTS and Apache 2.x

Machine control.example.com under Ubuntu 16.04 LTS and Ansible 2.7.8

File /etc/sudoers.d/ansible on machine target.example.com:

ansible ALL = NOPASSWD: / usr / sbin / service / usr / sbin / apache2 *

File / etc / ansible / hostson machine control.example.com:

[production]



target.example.com

File ~ / deploy.yml on machine control.example.com:

---
- hosts: production
remote_user: ansible

Tasks:
- name: stop apache
shell: service apache2 stop
become: yes
become_method: sudo
- name: start apache
shell: service apache2 start
become: yes
become_method: sudo

Additional information:
When running ansible-playbook ~ / deploy.yml sure control.example.com, I receive an error sudo: a password is required. I can reproduce the prompt for the password when connecting to the target via ssh ansible@target.example.com and then running sudo service apache2 stop and sudo service apache2 start. Therefore, I hesitantly state that the problem lies somewhere with the sudo configuration on target.example.com and Ansible is only the messenger.

I've tried different configurations of /etc/sudoers.d/ansiblemainly because I am not at all sure of the correct syntax and have tried all kinds of expressions to see what works. The only job I've found is ansible ALL = NOPASSWD: ALL, which I want to avoid for security reasons.

https – Do I need cPanel's AutoSSL if I also activate the Cloudflare SSL protocol?

When you use cloudflare, there are two connections to your website because Cloudflare acts as a proxy in the middle:

User ------> Cloudflare ------> Origin (cPanel)

Cloudflare will enable SSL between the user and Cloudflare but may leave the connection unencrypted:

User ======> Cloudflare ------> Origin

If you also have SSL on the origin, both connections will be encrypted:

User ======> Cloudflare ======> Origin

Cloudflare does not need a certificate issued by a certificate authority. He will gladly use a self-signed certificate. However, using AutoSSL to obtain a signed certificate may limit adulteration attacks.

AutoSSL is LetsEncrypt for cPanel. LetsEncrypt uses an automatic response to verify that you are the domain owner:

  1. cPanel contacts LetsEncrypt and requests a certificate for a domain
  2. LetsEncrypt gives cPanel unique data to publish to a specific URL (under /.wellknown/acme-challenge/
  3. cPanel publishes the data
  4. LetsEncrypt checks that the data has been published, sees that you have control over the domain and gives the certificate to cPanel.

When you use Cloudflare, all requests first apply to Cloudflare before hitting your website. Cloudflare must go through the Acme Challenge requests and you should be able to get a LetsEncrypt certificate, even when Cloudflare is in the middle.

Wireless triggers – Why does not my Pixel King transmitter activate my Canon flash in "Multi" mode?

I have a question about strobe flash. I work with a Canon Mark IV, a 600Ex-rt Canon flash and a Pixel King transmitter and receiver.

I played with the flash on the camera and it works fine, but when I try to use it off camera, my camera does not allow me to select the MULTI mode . Instead, it automatically switches back to Manual (the flash is set to MULTI).

I do not know what I'm doing wrong and I would appreciate any help, because I'm starting to go crazy!

gm techniques – A player asked the DM to ignore the tradition to activate his character concept. How are we going to handle this?

My favorite one-shot adventure is set in a predominantly Elvish empire; the bad guys are the humans in the empire next door.

Sometimes people come to me and say, "Oh, my character is human, sorry, do I have to make a lot of last-minute changes?" And I always say, "No, that's fine, the nobility is exclusively Elvish but very welcoming to non-elven adventurers."

If I had wanted to live a super realistic adventure, I could have demanded that everyone be elvish. But I chose not to make it a stumbling block for the group.


Once, in this same adventure, a player came forward and told me that he was a necromancer. "It's good," I say, "but the group is at the fourth level and you do not get animate the dead until the fifth level. You will not go to the fifth level during this onehot. "

(I do not want to deal with the effects of animate the deadEven though I wanted to pass on this particular knowledge, I do not want a player character to have many combat-capable henchmen that I should follow.)

We played a little and met Elven corpses. The player told me that he wanted to "convert corpses into rations". I told him that we would not ask if this was happening or not.

We went a little further in the adventure and he continued to do the most ridiculous things deliberately transgressive. Finally, I asked him for his character sheet and I barred the place where he had written that his alignment was "CE". I wrote in "CG" and I returned it to him.

He did not give me any problems after that.

The onehot ended and he did not receive an invitation to the campaign.

(He was an adult player for the first time of D & D.)


I usually try to work with characters on characters, because it makes them happy and it does not cost me much. But sometimes people come into the game with the intention of hurting for evil, apparently just to have the thrill of watching everyone squirm and try to continue the story despite she.

Sometimes it's possible to let them into the game and just tell them "no, you can not do that" every time they try to cause a disturbance. Sometimes people will come to understand the message and become reasonable players.

But it's really easier to tell them, "I do not think my campaign fits your style of play."

(I did it too.) I said, "I know you like to play deliberately transgressive characters, and I want to tell a heroic story here, so it's probably not the right game. for you. "t visibly offended.)

Activate the alarm when certain text strings are received

I've seen a discord friend use this feature but he does it on a JBed iPhone. Is there a way for Android to achieve something similar?

javascript – Activate the form fields with JS with the radio button

I start with Javascript and I have a small problem.

I have an HTML form where I have a field radio where I have two options, Text and The. When I click on Text he loads a field Entrance to enter the title, when I select the The he shows me two fields a Entrance with title and subtitle.

How could I make this logic?

Text
The
{{Form :: label ("metadata," & # 39; Title & # 39 ;, ['class' => 'col-sm-2 col-form-label'](Ie.
{{Form :: text (& # 39; title & # 39 ;, null & # 39; ['class' => 'form-control', 'placeholder' => 'Digite um Titulo', 'required' => true](Ie.
{{Form :: label ('metadata', 'Subtitle', ['class' => 'col-sm-2 col-form-label'](Ie.
{{Form :: text (& # 39; pagetitle & # 39 ;, null, ['class' => 'form-control', 'placeholder' => 'Digite um Sub-Titulo', 'required' => true](Ie.
{{Form :: label ('metadata', 'Content', ['class' => 'col-sm-2 col-form-label'](Ie.
{{Form :: textarea (& # 39; slot & # 39 ;, null, ['class' => 'form-control', 'required' => true](Ie.
{{Form :: label ("metadata", "Background color:", ['class' => 'col-sm-2 col-form-label'](Ie.
{{Form :: checkbox (& # 39; Use default site & # 39 ;, & # 39 ;, false)}} Use default site
{{Form :: label ("metadata", "Title color:", ['class' => 'col-sm-2 col-form-label'](Ie.
{{Form :: checkbox (& # 39; Use default site & # 39 ;, & # 39 ;, false)}} Use default site
{{Form :: label ("metadata", "Color of text:", ['class' => 'col-sm-2 col-form-label'](Ie.
{{Form :: checkbox (& # 39; Use default site & # 39 ;, & # 39 ;, false)}} Use default site
{{- JQuert--}}

how to activate the banner from the Magento 2 admin panel

How can I activate banner from the admin panel and put my custom text in the banner in Magento 2,
I am not able to do that or find a relevant article about it.

2013 – Sandbox service permissions required to activate a solution on a database enabled by RBS

We have a database enabled for Remote Blob Storage (RBS). When attempting to activate the CRMListComponent Sandbox solution, an error occurred:

  • The UserCodeExecutionProxy call pipeline failed during runtime. ServiceUrl: tcp: //// SPUCExecutionHost; Microsoft.SharePoint.UserCode.SPUserCodeExecutionPipelineFailedException: Unable to load the assembly group. The user assembly group provider has thrown an exception when trying to provide user assemblies for the specified assembler group.

We were able to activate the sandbox solution after assigning the database role "db_rbs_admin" to the sandbox service account.

Since that confirms his permission problem, my question is:

what is the least amount of privilege required for the service account? We do not want to give more permission than necessary.

The only mention I see in the SharePoint RBS documentation is that the SharePoint IIS application pool identity that runs the Web site hosting the content database requires the "database_owner" privileges on the database content, but no mention of other service or service application identities.

How to disable / activate a plugin at a given time

Is there a hook that would allow me to disable and activate a specified plugin at any given time?

For example, I want to disable the wp contact form 7 plug-in every Tuesday at 6 o'clock and activate it on Wednesday at 2 pm.

Is it feasible?

Thank you!