I am running PHP and Apache. My program is as follows:
<?php
echo shell_exec("ssh");
?>
It works from the command line as php script.php but when visiting the web browser 127.0.0.1/script.php it returns an empty result.
Any ideas why this may be happening?
Edit 1:
I tried running ssh as the www-data user through command line. This worked fine.
Edit 2:
I tried running sshpass instead of ssh (same location, same permissions) and it works but ssh does not.
Mentioned in kamermans's note, the help message of ssh is output to the stderr stream, so try
echo shell_exec('ssh 2>&1');
Related
I an Ubuntu 16.04 machine running NGINX and PHP. I would like to enable the www-data user (via web browser) to be able to access a PHP page (php-test.php) that will execute either a bash script (script_test.sh) or execute Linux CLI commands using shell_exec or exec.
I have done the following.
Created my bash script file script_test.sh
#!/bin/bash
whoami
echo $USER
echo 'test'
exit
when I run this from CLI, using
./ script_test.sh
It does indeed work and I can see the info echoed out in the CLI.
I then pursued the goal of being able to allow the www-data user run this bash script through a PHP page running on this same machine from NGINX.
I created my php page (php_test.php) and it contains the following
<?php
chdir('/path/to/my/files/');
shell_exec('./script_test.sh'); // ATTEMPT RUN SCRIPT
shell_exec('/path/to/my/files/script_test.sh'); // ATTEMPT RUN SCRIPT
echo 'test 123'; // SIMPLE ECHO IN THE PHP PAGE
?>
I then ran the following to modify the sudoers file, giving www-data access to the bash script
sudo nano /etc/sudoers
to which I added the following line
www-data ALL=NOPASSWD: /path/to/my/files/script_test.sh
I then made sure the script was executable, for the sake of my testing, not worrying about security, I just set it to 777 with the following command
sudo chmod 777 script_test.sh
From there I opened a web browser and browsed to the localhost (NGINX) web server (php_test.php) and the only thing I see on the page is the 'test 123' that I echo from PHP... none of the bash script appears to have run at all. I tailed the NGINX error log and don't see any error at all.
Is there another log that could contain clues on this?
What else should I check here?
The result of shell_exec() is returned as string. To display it in your browser, simply add echo.
<?php
chdir('/path/to/my/files/');
echo shell_exec('./script_test.sh'); // ATTEMPT RUN SCRIPT
echo shell_exec('/path/to/my/files/script_test.sh'); // ATTEMPT RUN SCRIPT
echo 'test 123'; // SIMPLE ECHO IN THE PHP PAGE
?>
See the Return Values in the manual:
The output from the executed command or NULL if an error occurred or
the command produces no output.
Can you try to use passthru instead of shell_exec, and see the output anything?
Also try this, and see if it shows on the log file:
if(file_exists('/path/to/my/files/script_test.sh')) { die('File not found!'); }
shell_exec("nohup /path/to/my/files/script_test.sh > /path/to/my/files/output.log &");
Also, are you running PHP with the www-data user (check your fpm pool)?
Do you have any error on /var/log/syslog or /var/log/auth.log ?
Have you restarted the server after changing the sudo permissions?
What does su - www-data -c "whoami" and su - www-data -s /bin/bash -c "whoami" outputs?
Does su - www-data -s /bin/bash -c "/path/to/my/files/script_test.sh" output something?
I've been unable to run php scripts that I need to use to start and stop webcam services that run on the local machine with the scripts. I can find nothing in the logs to indicate why the script doesn't' work.
I confess to being severely handicapped regarding PHP, especially server-side scripting.
The environment is Debian Jesse running Nginx with all required SSH and PHP modules installed
I have added www-data to the sudoers file with:
www-data ALL=(ALL) NOPASSWD: /var/www/html/start_webcam.sh
Enabled the $PATH environment for www-data at:
/etc/php5/fpm/pool.d/www.conf
The shell script resides in the .../html directory and runs from the terminal with no issues.
This is the code for both the php and shell scripts:
start_webcam.php:
<?php
echo exec('sudo bash /var/www/html/aspirebox/start_webcam.sh 2>&1, $output');
print_r($output);
?>
The $output and print_r stuff is there because it was the last thing I tried based on a post I found out here somewhere.
start_webcam.sh
#!/bin/bash
service motion start
Thanks in advance to anyone out here that has a clue. After 2 days of wrestling with this, I am sure that I do not.
according to Passing Variables to shell_exec()? you should change your code like this:
<?php
$output = exec('/var/www/html/aspirebox/start_webcam.sh 2>&1 ');
print_r($output);
?>
and let your bash script execute as all (no need to sudo bash):
chmod a+x /var/www/html/aspirebox/start_webcam.sh
Thank you very much - that worked.
I worked through getting the path straight for the directory the shell script runs in, and the correct path to run "service".
All I have now is to figure out why I'm getting "Failed to start motion.service: Access denied"
I've given www-data permission to run the script without a password on sudoers, have to keep digging.
Thanks again!
I want to start program when I enter my webpage, and problem is in permissions(??) because when I try
echo exec('whoami');
I've got valid response (www-data) but when i try code like it:
echo exec('/var/www/./sitesend');
and
echo passthru(/var/www/./sitesend');
I got no response. I tried to
chown www-data /var/www/sitesend
chmod 755 /var/www/sitesend
My C++ app runs correctly, and its sending by NRF infromations to turn lights.
But not work, when enter page app won't run and I don't get any reps in echo.
I don't have a conclusive answer, but you can try a number of things:
Try the follow command to see if www-data may run the command.
sudo -u www-data /var/www/sitesend
Try running a PHP script with the passthru command from the commandline.
See if you're running AppArmor for the Apache process. AppArmor will block execution for files not white listed.
ls /etc/apparmor.d
I'm trying to execute a command through PHP with shell_exec. The PHP file is hosted by Apache on my Ubuntu server.
When I run this:
echo shell_exec("ps ax | grep nginx");
Then I get to see data. But when I run another command, for example:
echo shell_exec("cat /usr/local/nginx/config/nginx.config");
Then it's not showing anything at all. But when I copy that command and paste it in my terminal, then it executes fine.
My Apache server is running as user www-data. So I edited sudoers and added this line:
www-data ALL=(ALL:ALL) ALL
I know this is a security risk, but I wanted to make sure (for now) that www-data is able to execute all commands. But, for some reason I'm still not able to execute all commands with my PHP script.
Anyone any idea what to do?
have you read http://php.net/manual/en/function.shell-exec.php
There is quite a discussion in comments section. Top comment is:
If you're trying to run a command such as "gunzip -t" in shell_exec and getting an empty result, you might need to add 2>&1 to the end of the command, eg:
Won't always work:
echo shell_exec("gunzip -c -t $path_to_backup_file");
Should work:
echo shell_exec("gunzip -c -t $path_to_backup_file 2>&1");
In the above example, a line break at the beginning of the gunzip output seemed to prevent shell_exec printing anything else. Hope this saves someone else an hour or two.
echo shell_exec("sudo cat /usr/local/nginx/config/nginx.config");
Try that.
so I have read about 10 answers and everyone seems to suggest ideas which for some reason don't work.
i am trying to execute a simple command line which is "svn update" but it is not working and it returns NULL
so i have tried trial and error the way and for now this is what i can say;
i have tried several commands like
<?php
exec ("cmd /c ping 127.0.0.1 -n 1 > results.txt ");
?>
and
<?php
exec ("cmd /c chdir > results.txt ");
?>
and both work.. infact chdir says the exact position where the php file executing the line is stored on the pc..
so the problem now is, why do some commands like this:
<?php
exec ("cmd /c dir > results.txt ");
?>
don't work? this results and empty value even though inside the folder i have several files and directories.
and why if i use the command prompt to move into the folder where the php file is store and type svn update it works and doing
<?php
exec ("cmd /c svn update > results.txt ");
?>
return a NULL?
any help is really appreciated.
it feels like i have some restrictions dued to the configuration setup because when i try in local using apache i can get most of the commands to work (shell_exec, system, exec, even without the cmd /c)
Ok.
i have managed to solve the issue..
this is what i did:
first check exactly what username is running for the specific website.. to do so do:
<?php
$out = array();
exec('cmd /c whoami 2>&1',$out,$exitcode);
echo "<br />EXEC: ( exitcode : $exitcode )";
echo "<hr /><pre>";
print_r($out);
echo "</pre>";
?>
this will return the computername followed by the username..
now on the computer running the webserver run
control userpasswords2
and give administrator powers to the username whoami said
this will allow you to finally run any command you want using exec or system_exec
on the other hand continuing with my SVN command i found out that I had another problem which is that when you run it, it will look for the config file which is under the administrator account and will give an error saying:
svn: E125001: Can't determine the user's config path
to solve this issue you simply have to specify in the command the config_dir by doing this:
exec('cmd /c svn update --config-dir C:\Users\Administrator\AppData\Roaming\Subversion C:\\inetpub\\vhosts\\websitename\\httpdocs\\folder 2>&1',$out,$exitcode);
hope this helps others which are having problems like the ones i had!
This is likely a system user permissions issue. I tried your example:
<?php exec ("cmd /c dir > results.txt "); ?>
On my Windows7 with Xampp installed and it worked perfectly fine. However with IIS the "user" may not have permissions to the directory, off the top of my head I think it may be the system user IIS-IUSR or something like that.
Here is a link that might help with user permissions for IIS: http://www.iis.net/learn/get-started/planning-for-security/understanding-built-in-user-and-group-accounts-in-iis
Okay, based on your answers, I think you should try this:
Execute your command using the 'svn.exe' executable (replace the [[reposity location]]).
It is possible that your client has another svn.exe location, but you will have to figure that out yourself :)
exec('cmd /c "c:\\Program Files\\TortoiseSVN\\bin\\svn.exe" up "[[repository location]]"');
What happends now?
There is also a second parameter in exec, maybe you should also take a look at that one.
The only thing that helped me was, complete routes:
$template_file = "C:/archivos/archivos.tex"
$cmd = sprintf("C:/texlive/2020/bin/win32/pdflatex.exe " .$template_file );
$result = exec($cmd, $output, $a);