I have PHP code (setup.php) that execute bash-script, this is my code :
$hasil = shell_exec("./setup-srv.sh testajah mydomain.com");
echo "<pre>".$hasil."</pre>";
successfull when executed from commadline (setup-srv.sh), but failed when executed from browser (setup.php)
these 2 files at /var/www/html/
setup-srv.sh has several jobs :
register subdomain to DNS server
create and populate data to mysql database
copy master folder and it's contents to new folder
execute certbot to new subdomain
I chmod 2 files with 777, but still failed.
I need help, thank you at advance.
I'm assuming you're on a newer PHP than 5.3, or you have safe mode off.
This is likely to be an issue with the differences between your environment and the web server's environment.
Things to try:
Unlikely to be the problem, but ..
$hasil = shell_exec("/var/www/html/setup-srv.sh testajah mydomain.com");
SU to the webserver user and try to run the script, see what happens.
Make sure SELinux isn't interfering with the webserver's ability to execute external programs.
Related
I am trying to execute Linux shell command from php but there is no output on web page. If I am trying to execute the php page from linux cosole its working fine.
PHP Code:
<?php
$result = shell_exec('asterisk -rx "core show channels concise"');
$ccount =shell_exec('asterisk -rx "core show channels count"');
echo $result;
echo $ccount;
?>
Above code is not giving any output on web page. But on linux console its woking. e.g.
[abc#host sysadminman]# php myfile.php
Asterisk control socket permissions can also be changed easily in /etc/asterisk.conf:
[files]
astctlpermissions = 0660
astctlowner = root
astctlgroup = apache
astctl = asterisk.ctl
First of all your question is incomplete as you not showing what is expected output. But aside from this you are doing a few common mistakes there.
First you are testing your script as root (# php ...) but your httpd is NOT serving your scripts as root. So your tests are useless. You should switch to right user (most likely www-data and then check to run your script from shell. Most likely it will fail for one of two common reasons - insufficient permissions to run asterisk program or incomplete $PATH not pointing to the place where asterisk is.
I agree to Marcin.
I would suggest you write script to execute those commands and put result to some storage (such as text or database). Use cron to run it in root. Then you read the data from storage on web page.
If you want real time response, you have to run cron all the time though it consume server resource. That is trade-off you have to consider. Its depends on what you wanna achieve from the web site.
Use sudo to run thoes commands as root or Asterisk user. You can configure sudo to allow execution without password to only specific commands.
check disable_functions in php.ini. Mb shell_exec just off for web server
I'm running a bunch of local Kiosks on mac mini's and have been using dropbox to keep all the files in sync. However - the dropbox updates have been sketchy as of late because of the firewall settings where these things are. A workaround I have found is by having dropbox quit and restart periodically to force it to update.
My question is - since all of these are running php applications on MAMP - is there a way to launch a local app from php? I'm able to kill dropbox by doing something like this:
$killit = killall -KILL Dropbox;
But it doesn't work the same to restart it. I've tried doing this:
$start_dbox = open /Applications/Dropbox.app;
To no avail. Is there a better way to automate this process of shutting down and reopening a local application?
I've had similar problems trying to control software remotely. The 'open' command must be executed either as the currently logged in console user, or from a terminal owned by the console (e.g. Terminal.app).
If you change your PHP to redirect STDERR, you should see the error that 'open' is returning:
$start_dbox = "open /Applications/Dropbox.app 2>&1";
The following text should then be returned from the system call:
LSOpenURLsWithRole() failed with error -10810 for the file /Applications/Dropbox.app.
One workaround I've used in the past is to create a lock file somewhere in the filesystem, which your PHP script can write to and your console user can read. Then, you can create a cron that runs as the console user and periodically checks the lock file to see if it needs to restart Dropbox.
I was actually able to solve this by creating a shell script with the following:
#!/bin/sh
export DYLD_LIBRARY_PATH=""
osascript -e 'tell application "Dropbox" to activate'
Saved it as start_db.sh and dropped it in my root apache directory (so there was no permissions problem for that user).
Then in my php file I was able to do:
$start_dbox = exec('/full/path/to/start_db.sh');
Worked like a charm. Dropbox now quits and restarts with no issues.
I have a php script that carries out a trace route without using system(). It uses SOCK_RAW and ICMP.
I have managed to get this script to run with out been a root user or changing anything in sudoers by using CAP_NET_RAW.
The thing is, the scrip only works when called through the shell, not through the browser. When I go through my browser I get the error: socket_create(): Unable to create socket [1]: Operation not permitted . So something is going a miss here.
After googleing and googleing I am unable to work out why the same script is not working when called through apache. Do I need to add CAP_NET_RAW to an apache config file as well?
Any advice on this would be very much appreciated.
Jason
Typical Apache + PHP installations run under a separate system user (usually www-data). My guess is that this pseudo-user is heavily restricted. Try executing from the shell as the www-data user - it should fail, if I'm right.
First, I read some threads by people with similar problems but all answers didn't go beyond export DISPLAY=:0.0 and xauth cookies. So here is my problem and thanks in advance for your time!
I have developed a little library which renders shelves using OpenGL and GLSL.
Last few days I wrapped it in a php extension and surprisingly easy it works now.
But the problem is it works only when I execute the php script using the extension from commandline
$php r100.php(i successfuly run this from the http user). The script is in the webroot of apache and if I request it from the browser I get ** CRITICAL **: Unable to open display in apache's error_log.
So, to make things easier to test and to be sure that the problem is not in the library/extension, at the moment I just want to start xmms with following php script.
<?php
echo shell_exec("xmms");
?>
It works only from the shell too.
I've played with apache configuration so much now that I really dont know what to try.
I tried $xhost + && export DISPLAY=:0.0
In the http.conf I have these
SetEnv DISPLAY :0.0 SetEnv XAUTHORITY /home/OpenGL/.Xauthority
So my problem seems to be this:
How can I make apache execute php script with all privileges that the http user has, including the environment?
Additional information:
HTTP is in video and users groups and has a login shell(bash).
I can login as http and execute scripts with no problem and can run GUI programs which show up on display 0.
It seems that apache does not provide the appropriate environment for the script.
I read about some difference between CLI/CGI but cant run xmms with php-cgi too...
Any ideas for additional configuration?
Regards
Sounds bit hazard, but basically you can add even export DISPLAY=:0.0 to apache start-up script (like in Linux /etc/init.d/httpd or apache depending distro).
And "xhost +" need to be run on account which is connected to local X server as user, though I'm only wondering how it will work as php script should only live while apache http request is on-going.
Edit:
Is this is kind of application launcher?, you can spawn this with exec("nohub /usr/bin/php script.php &"); .. now apache should be released and php should continue working in background.
In your console, allow everyone to use the X server:
xhost +
In your PHP script, set the DISPLAY variable while executing the commands:
DISPLAY=:0 glxgears 2>&1
I want to do SVN update easier - with calling PHP script.
I created PHP script:
$cmd = "svn update https://___/svn/website /var/www/html/website/ 2>&1";
exec($cmd, $out);
As the user running the script is apache (not root), I get some permission errors.
If I change the owner of every directory to apache (or chrown everything to 777) I have another problem. Because I use https protocol user apache should permanently accept certificate of the svn server. I tried to do "su - apache" and accept certificate but OS says that "apache" is not valid user. I also dont know how could I accept certificate with exec() function.
Any idea? How can I make svn update-ing easier?
Is the error telling you that the user isn't a valid svn user? If apache is the user running httpd, you should be able to su to it. This is the script I use:
/usr/bin/svn --config-dir=/home/user/.subversion --username=svnuser --password=svnpass update
once the password is saved you can remove it from the command. Again, make sure the user/pass above is a valid SVN user.
Lately I've actually migrated to using Hudson for svn updates as you can schedule it as well as run manually and do a bunch of other tasks, plus you can view the svn logs for each commit as well as any console errors.
Why not use php svn functions instead of (insecure) exec?
http://www.php.net/manual/en/function.svn-auth-set-parameter.php has good examples for authentification options.
Use getent apache on the shell. This will return the shell of apache. Most likely, it is /bin/nologin or /bin/false. Change this to /bin/bash. You'll also need to specify the home directory and create it on the file system.
UPDATE: getent apache will actually return the entry in the /etc/passwd file for the apache user. The last token in this string is the shell.