I am trying to execute a couple of scripts by using a remote interface. The environment is Raspbian on a Raspberry Pi (although I will be using Debian later as well) running LAMP.
The files are test.php and test.sh in the root directory of the webserver (say example.com)
test.sh
#!/bin/bash
sudo pkill chromium-browse
sudo reboot
test.php
<?php
$output=null;
$resultCode=null;
exec("./test.sh", $output, $resultCode);
// $ouptut = shell_exec('./test.sh 2>&1'); //tried this too
// echo shell_exec("./test.sh"); // as well as this
echo "Returned with status $resultCode and output:\n";
print_r($output);
?>
Initially, I had used
chmod u+x test.sh
but got an error code of 126. So I did this:
chmod 777 test.sh
Now I get an error code of 1, but it still doesn't execute. I have also tried
sudo visudo
then added
pi ALL=(ALL) NOPASSWD: ALL
(pi is the current loggedin user)
Currently I am getting this:
Array
(
[0] =>
[1] => We trust you have received the usual lecture from the local System
[2] => Administrator. It usually boils down to these three things:
[3] =>
[4] => #1) Respect the privacy of others.
[5] => #2) Think before you type.
[6] => #3) With great power comes great responsibility.
[7] =>
[8] => sudo: no tty present and no askpass program specified
)
Note: I use sudo all the time at the command line without being asked for a password.
I do have another php file in the same directory that executes an actual system command successfully. It has this line:
$uptime = exec("uptime");
which works just fine, so I know system commands are possible. Is there any way to do this? I have seen other similar questions on SO and other sites, but none of those answers have worked for me.
Any help appreciated.
Related
I'm trying to run this command within a PHP file on a localhost webpage that runs on apache and PHP:
echo exec("/usr/bin/killall mplayer 2>&1", $result);
But it does not work, this command print_r($result); gives this output:
mplayer: no process found
Array ( [0] => mplayer(5003): Operation not permitted [1] => mplayer(5004): Operation not permitted [2] => mplayer: no process found )
Things I have tried are adding this to the /etc/sudoers
www-data ALL=(ALL:ALL) ALL
%www-data ALL=(ALL:ALL) ALL
This is a device that runs on an internal network in my home, so not a security risk.
I'm pretty sure it is a file/permission/ownership issue, but not sure what to do to allow it to run.
Any ideas? Thanks.
I'm using Centos7 OS, I have this script that mount a folder from windows PC
exec('sudo mount -t cifs -o username="'.$user.'",password="'.$pass.'",dir_mode=0777,file_mode=0777
//'.$ip_address.'/c/kitpos/update /mnt 2>&1', $output, $results);
And I got this fancy error message that looks like a permission issue.
Array
(
[0] =>
[1] => We trust you have received the usual lecture from the local System
[2] => Administrator. It usually boils down to these three things:
[3] =>
[4] => #1) Respect the privacy of others.
[5] => #2) Think before you type.
[6] => #3) With great power comes great responsibility.
[7] =>
[8] => sudo: no tty present and no askpass program specified
)
My /mnt folder ownership and permission is root and 777 but even if I change it www-data:www-data which is my php running as, still got the same error.
777 drwxrwxrwx 2 root root 4096 mnt
I also have an Ubuntu server but it works fine in their with that same code. Does anyone have an Idea?
I'm trying to make a script where I can Git pull on my ubuntu server after push to Bitbucket repository. I've setup ssh keys to Bitbucket and it works to do git pull command on the repository but it doesn't work when I try it from php exec.
I've tried chmod commands like /.ssh/bitbucket_rsa like 775 and 777 and chown -R www-data:www-data/.ssh without any luck.
Response:
array (
0 => 'Host key verification failed.',
1 => 'fatal: Could not read from remote repository.',
2 => '',
3 => 'Please make sure you have the correct access rights',
4 => 'and the repository exists.',
)
Code:
public function gitPull() {
try {
exec("cd " . env("REPO_PATH") . " && git pull 2>&1", $output);
Log::info($output);
} catch (\Exception $e) {
Log::error($e);
}
http_response_code(200);
}
I guess you are stuck with the fact that the user www-data can not establish the SSH connection to the git server. I think the simplest was is to create a home directory for the www-data user and create a .ssh directory with the proper permissions, a config file and the key file in there. You could always test the setup as root with
# su - www-data
$ cd <to your repository>
$ git pull
Google for "SSH connections without password" to set it up correctly. And also be aware that SSH refuses to use a key file if the permissions are to loose.
Host key verification failed.
means that ssh could not verify the host key, most likely because there's no known_hosts file in www-data's home/.ssh directory that contains the expected host key for your repo's server.
There's at least two ways to fix that:
Use ssh-keyscan as described over on Serverfault.se:
ssh-keyscan -H [hostname] >> /path/to/www-data's_home_directory/.ssh/known_hosts
You only need to do that once (unless the key changes), but you should check that the key is indeed correct after you run ssh-keyscan.
Set the GIT_SSH_COMMAND environment variable before running git. You can use this to have ssh use a different known_hosts file:
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/path/to/known_hosts"
Note that the above assumes shell syntax (e.g. Bash), you may need to adjust for PHP, particularly the export GIT_SSH_COMMAND= part.
I stack with the same problem working with github:
ssh-keyscan -t rsa github.com | tee github-key-temp | ssh-keygen -lf -
cat github-key-temp >> ~/.ssh/known_hosts
cat github-key-temp >> /etc/ssh/ssh_known_hosts
But that is not all, with next command you can check what is goes wrong (run it throught exec or shell_exec (save out put to some log):
ssh -vT git#github.com 2>&1
So, with help of privious command, i understand that in my case: cron run's command via php script, but duaring ssh connection it could not find my keysfile (i have custom name for that file):
cd /etc/ssh/ssh_config.d/
sudo touch <some_name>.conf
sudo echo 'IdentityFile ~/.shh/<custom_key_file_name>' > <some_name>.conf
Or try to add full path to location of your keyfile (~/ = current user home dir).
You can check cron user by runing, this can helps to:
shell_exec('whoami');
P.S. I have no idea if this solution is enough secure. but i think fine.
Every time I execute my script with:
exec('sudo profile status-koneksi',$status);
print_r($status);
it always does nothing, I have no idea how to debug this one, my script requires root permission so I appended the following lines to /etc/sudoers file:
Cmnd_Alias ANGEL_BEATS = /usr/bin/profile, /usr/bin/socks, /usr/bin/gsm, /usr/bin/gssh, /usr/bin/ping_loop, /usr/bin/restart-openvpn, /usr/bin/sms.py, /usr/bin/sms_gateway, /usr/bin/socks, /usr/bin/ussd.py, /usr/bin/vpn, /usr/bin/wgetui
ab ALL=NOPASSWD: ANGEL_BEATS
%ab ALL=NOPASSWD: ANGEL_BEATS
However, it works just fine when I execute the command from my terminal:
How do I solve this ?
UPDATE:
As suggested by a comment below, I run this script:
if(exec("sudo sh /usr/bin/profile status-koneksi 2>&1", $output, $return_var)){ print_r($output); print_r($return_var); }
And it returns:
Array ( [0] => sudo: no tty present and no askpass program specified ) 1
Since your script requires root permission to run, it would be nice if you could set the setuid bit. Try this:
chmod u+s <your_script>
More info here (from Wikipedia)
I have this script,
<?php
exec('/usr/local/bin/antiword /var/www/html/rezyme_2015.doc', $output);
var_dump($output);
?>
but in browser I see:
array (size=0)
empty
I have in /usr/bin/antiword and I copy to /usr/local/bin/antiword. If I run in console:
php antiword.php
Output is
[0] =>
string(0) ""
[1] =>
string(52) "hello"
[2] =>
string(0) ""
In one forum, I saw the exact problem reported. The person that has this problem says that he solved this problem. Here is the quotation:
"Yes, it turned out to be the accessibility of the map files - they weren't world readable, once I changed permissions, it worked great. Thanks all"
However, I did not unnderstand how he solved the problem and how also I can reach and allow those map files of antiword.
And I found:
Maybe the user apache or www-data or nobody or whatever your webuser is
called, has no permissions to execute it?
You can simply check this by:
1) sudo su www-data (or whatever etc.etc see above)
2) call the script as you do in your exec() command
Or you blocked exec() in PHP.ini.
I not found in PHP.ini in /etc/php5/apache2/ and /etc/php5/cli/ this blocked exec() or exec()
And I run in my terminal:
sudo su www-data
This account is currently not available.
My question, why in my browser this script not correctly work:
array (size=0)
empty
When I get chmod 777 -R for file.doc then I have return array, but how do right ?
and what I need for fix this problem, step-by-step, whats create, whats change, help please.