FreeBSD, acme.sh, and sudo

David Mehler dave.mehler at gmail.com
Wed Dec 19 14:42:07 UTC 2018


Hello,

I've got a FreeBSD 11.2 system. I'm running Apache 2.4 and acme.sh for
Let's Encrypt certificate management.

I've got one problem: keys and certificates are created, installed,
and renewed correctly, but at the end of the command I do

--reloadcmd "sudo service apache24 reload"

so that any renewed certificates will be picked up. I am getting the
following from sudo:

[acme@xx ~]$ sudo service apache24 reload
sudo: pam_open_session: system error
sudo: policy plugin failed session initialization

In my sudoers file I have:

# Allow anyone in the acme group, without a password, to use /usr/sbin/service commands
%acme  ALL=NOPASSWD: ALL

and user privileges:
# finger acme
Login: acme                             Name: ACME protocol client
Directory: /var/db/acme                 Shell: /usr/local/bin/bash
No Mail.
No Plan.

#groups acme
acme

#id acme
uid=169(acme) gid=169(acme) groups=169(acme)

Suggestions welcome.

Thanks.
Dave.


More information about the freebsd-questions mailing list