It is going to be fairly difficult to restrict a sudoer to a single folder. I believe there are some options, commonly referred to as a
jail. I believe it involves a mounted folder (mounted like a virtual drive), and even then it isn’t completely safe.
It may not suit your situation, but it is possible to use a process manager like
PM2 to do things like restarting services and I believe it only requires
sudo access upon the first installation (you may be able to revoke sudo access after install). Once installed it can restart processes and initiate new processes (there will be some limitations here, you will have to see if you can live with them). There are a few articles on using
PM2 in the Community Tutorials section.
You may also be able to use something like
vsftpd to achieve restriction to a specific directory (although generally the assumption is a non-sudo user’s home directory). You could check the How To Set Up vsftpd for a User’s Directory on Ubuntu 16.04 to see if that suits your situation.
I don’t think there is going to be a perfect fit, because I don’t think it was ever the intention to give an untrusted user sudo access. Good luck with it either way.
FTP, short for File Transfer Protocol, is a network protocol that was once widely used for moving files between a client and server. It has since been replaced by faster, more secure, and more convenient ways of delivering files. Many casual Internet users expect to download...