I’m using chef-solo as a non root user named ‘chef’. I would like to restrict
this user’s commands to the minimum necessary. So I have added the below line
chef ALL=(ALL) NOPASSWD: /usr/bin/chef-solo
Chef-solo seems to run normally in this setting. Is this OK?