As already answered, this message comes from the Polkit Authorization Manager which is in simple words a systemd way of controlling who can do what, including managing systemd services.
For OP the right solution is to configure the service to be a user-level systemd service.
But in case of system-level services here is what you should do:
Add a rule for Polkit that would allow your user to manage the service, like this:
cat > /etc/polkit-1/rules.d/10-some-daemon.rules << POLKIT
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "some-daemon.service" &&
subject.user == "bob") {
return polkit.Result.YES;
}
});
POLKIT
...buuuuuut with systemd v219 in Centos 7, action
does not have access to the unit
! This has been added in v226... So you would need to allow the user to manage all units, which is most probably not what you should do...
Therefore I suggest you to switch to plain old sudo
to allow your users to manage the services, for example:
cat > /etc/sudoers.d/some-daemon << SUDO
bob ALL= NOPASSWD: /bin/systemctl restart some-daemon.service
bob ALL= NOPASSWD: /bin/systemctl stop some-daemon.service
bob ALL= NOPASSWD: /bin/systemctl start some-daemon.service
SUDO
Main sources:
systemd --user
as it described in this article. Otherwise, you could give sudo for each user for required services.