What I want to achive:
I want to update my git repository (which holds my laravel app) on my shared host whenever i push something into my repository. To do so, I have a deploy.sh script on my shared host which pulls my repository and deletes all caches from my laravel app.
In order to run this bash script automatically I also got a php script which is triggerd by a Github webhook whenever i push something into my repository.
My problem:
I try to run my bash script on my shared host with my php script but that doesn't work.
What i tried:
My bash script by itself runs perfectly fine when I execute it manually on my shared host via ssh. But it won't get executed by my php file.
PHP
<?php
function debug_to_console($data) {
$output = $data;
if (is_array($output))
$output = implode(',', $output);
echo "<script>console.log('Debug Objects: " . $output . "' );</script>";
}
$access_token = 'maxi9000';
$client_token = $_GET['token'];
if ($client_token !== $access_token)
{
echo 'error 403';
}
else{
$old = getcwd();
echo '</br>'.$old;
$file = $old.'/mhraschan.com/deploy.sh';
echo '</br>'.$file;
if(is_file($file)){
echo '</br>Is file';
if(!is_executable($file)) {
chmod($file, 0755);
echo '</br>file not executable - run chmod';
if(is_executable($file)) echo "File is now executable";
}
//Try to run bash file
$return = shell_exec('bash '. $file);
echo '</br>Shell return: '.$return;
debug_to_console('Shell return'.$return);
}
}
?>
Output of my browser when running the php script manually:
/data/web/e115665/html/test
/data/web/e115665/html/test/mhraschan.com/deploy.sh
Is file
file not executable - run chmod
Shell return:
So my file is not executable and runs chmod but after that it seems that it still is not executable because it doesn't run that line again: if(is_executable($file)) echo "File is now executable";
Also i dont get any output from my shell_exec command.
Any solution?
This is almost certainly an issue with permissions - remember, your web server is not running as root; if you're using Apache, you're probably running as www-data - other web servers will use other users. Thus, your attempt to chmod the file is failing, since you don't have permission to change the permissions on that file. And if the permissions for the file do not include "executable" for the web server's user, the script will not run.
Check the return value from the chmod function - I think you'll find it's false (meaning that it failed, per the documentation).
Related
I have a simple PHP page that calls a simple PowerShell script.
test.php
<?php
$runCMD = "powershell.exe -NoProfile -ExecutionPolicy Bypass -File teste.ps1 2>&1";
exec($runCMD,$out,$ret);
if ($ret != 0) {
echo "Could not run PowerShell.";
} else {
echo implode("\n",$out);
}
?>
test.ps1
Write-Host "Just testing!"
When both files are placed in c:\inetpub\wwwroot, everything works fine. However, if I place them in a shared network folder (\\myserver\test, for example) and point IIS to this folder, php still works but it's not able to run the PowerShell script anymore. exec just returns error code 1 and the message "Could not run PowerShell" is printed. I am currently using PHP 7.4.1, IIS 10, Windows Server 2019 and PowerShell 5.1.
Any ideas on how to solve this?
App pool identities have very limited access to the local file system (and none outside the local computer). You will need to modify ACLs on the file system to give the identities the access they need.
try to set the domain user to the application pool identity.
use https://learn.microsoft.com/en-us/sysinternals/downloads/procmon to check where access is being blocked.
I have a PHP script that calls a Python script (with arguments):
<?php
$UPLOAD_DIR = 'tmp';
$AUDIOSPLIT = "../audiotranscri/scripts/audiospliter.py";
// This also fails using a symlink in the same dir
//$AUDIOSPLIT = "spliter";
$media_path = "tmp/media.mp3";
$subtitles_path = "tmp/mediasub.ass";
$cmd = "python3 ".$AUDIOSPLIT." ".$media_path." ".$subtitles_path." ".$UPLOAD_DIR;
echo($cmd);
system($cmd,$returnv);
echo($returnv);
?>
It works when i run this from a bash terminal
$ php7.2 dummy.php
But fails when call it from a website (Apache2 with PHP). Why ?
N.B: I am sure Apache and PHP are running OK since phpinfo() works perfectly. Versions are PHP 7.2.15, ubuntu 18.04.1, Apache 2.4.29.
Consider trying one of these:
use full path for your program as PATH might not be set when using system() - change "python3 " to "/usr/bin/python3 ", or wherever your python3 is.
Using another function, exec(), shell_exec(), passthrough()
Check if your web server allows you to run given functions when running through http, check in your php.ini, or check with php script accessed through http
<?php
$function_name = "system";
if ( function_exists($function_name) ) {
echo "$function_name is enabled";
}
else {
echo "$function_name is not enabled";
}
I created a php file as shown below.
<?php
$ar = 4600;
$az = "redshift -O ".$ar;
echo "Command executed: ";
echo $az;
system($az,$status); // It is not working on browser but working on terminal.
system("ls",$asd); // It is working on both browser and terminal.
if($status == NULL) {
echo "<h3>Operation not successful</h3>";
}
else
echo "<h3>Temperature Succesfully set to ".$ar."</h3>";
?>
Now, the matter is that
when i am running this file on terminal using command
php file.php
the 'ls' command is getting executed and 'redshift -O 4600' also getting executed.
But when i am executing this file on browser using url.
127.0.0.1/file.php
Only 'ls' command is getting executed. 'redshift -O 4600' is not getting executed. Is there some way through which i can execute such programs.
I have also tried other functions like exec etc.
It would not work as you are setting up your server at /var/www/html location which is used by public to access your computer through localhost. And since in localhost there is no such thing as redshift so it would run nothing and the operation would be executed and you will see no after effects. So, to run the system's command on localhost, you must run the server on any folder other than /var/www/html. So, to run the server on any other location, just go to that location and run
php -S localhost:8080.
When I am trying to run shell script with exec and shell_exe nothing happens!
When I run with those command ls or whoami all work's.
What could it be?
Do you echo the output?
echo exec('ls');
Do you have safe_mode enabled?
phpinfo();
When yes: (from the manual)
Note: When safe mode is enabled, you can only execute files within the
safe_mode_exec_dir. For practical reasons, it is currently not allowed
to have .. components in the path to the executable.
Try to call exec with
exec('...pathtoyourbashscript...', $out, $return);
Then
echo $return;
If it shows 127 it´s likely that the path is wrong.
Also check the permissions. User 'nobody' is probably the apache user, which needs the rights to access and execute the script.
You can change the permissions by running
chmod 755 pathtouyourscript
This means something like 'I don't mind if other people read or run this file, but only I should be able to modify it'.
If you're using Apache, check to make sure that the Apache user has the required permissions to execute the php file.
You can use reflection to figure out if the function has been disabled with disable_functions.
$exec = new ReflectionFunction('exec');
print $exec->isDisabled() ? 'Disabled' : 'Enabled';
If the program is web based i.e. for linux, Try making a php file to process the shell.
and a shell file to handle the php..
For instance: runAllShell.php file can contain a loop.:
<?php
// Developed by A T.
// Count the files
$directory = '/put/directory/path_here/';
$files = glob($directory . '*.*');
if ( $files !== false )
{
$filecounter = count( $files );
}
else
{
echo "No Files were found";
}
$fileCount = $filecounter;
// Start the index
$fileNumber = 1;
while($fileNumber <= fileCount){
shell_exec('$fileNumber . ".sh"');
// get some feedback
echo "The ".$fileNumber." file has been excecuted";
// increment file number
$fileNumber++;
}
?>
make sure that all the .sh files in the directory are numericaly ordered for this to work i.e: 1.sh 2.sh 3.sh and so on.
Best regards,
AT.
I have a php script:
$extract_dir = "./";
$extract_file = "extractME.zip";
$zip = new ZipArchive;
$res = $zip->open($extract_file);
if ($res === TRUE) {
$zip->extractTo($extract_dir);
$zip->close();
echo "ok";
} else {
echo "failed";
}
But when I execute this script, via http://www.mywebsite.com/extract.php
All the files on FTP are show with OWNER 'root', but not the user ex . 'neo' as it should be. So the user cant edit/rename/delete these files.
Is it possible to fix this anyhow (I own the server), that files will be extracted with 'USERNAME' OWNERSHIP ?
ozzwanted, for some reason your web server (apache) is running as root so any file it makes will be made as root. This should never be the case. apache usually runs as 'www-data' or 'httpd', or 'nobody' or 'god' depending on the linux distro.
I suggest you look into this from a sysadmin point of view and have someone sort it out for you before you end up getting exploited. (assuming this is a live server)
You can use www.php.net/chown function or your can run a 'chown' command on the command line or do it from PHP with something like system() or exec() functions.
Good luck.
It extract as the user running the webserver (note: you should not be running it as root). Try using chown.