ramorrismorris
commented
9 years ago /etc/sudoers was missing line Host_Alias APPHOSTS = etc, etc-dev referenced in /etc/sudoers.d/apache2 which grants access to "service apache2..." and "/etc/init.d/apache2 ..."
There is also a possibly spurious line Defaults mail_badpass in /etc/sudoers. If this is harmless, I will also add it on etc-dev, but not until after avatol stress test. Hence leaving this open even of thomas now has control of apache2.
thomas@etc:~$ sudo /etc/init.d/apache2 restart [sudo] password for thomas: Sorry, user thomas is not allowed to execute '/etc/init.d/apache2 restart' as root on etc.cs.umb.edu.