Referencing this post as well(How to create database using php shell_exec and sql command line)
I've followed the accepted answer in that post, but I am curious as to why the shell_exec is unable to run mysql code. It merely returns NULL.
The user already has sudo access, when i copy the following command line into the console log manually it works.
$cmd = escapeshellcmd('sudo mysql -u root -e "create database somedb"');
$test = shell_exec($cmd);
var_dump($test);
Edit 1:
Updated [username], if root may cause some issues
You will need to use the full path to mysql
Type whereis mysql to find it.
It will most likely be /usr/bin/mysql
Change your command to:
$cmd = escapeshellcmd('sudo /usr/bin/mysql -u [username] -e "create database somedb"');
You may need full path to sudo .. same principles will apply.
Related
I want to do some tasks on my server that require root shell access. I want to make a simple API that I can access from PHP.
The things I want to achieve is:
clone from one database to another. The databases are owned by different users:
mysqldump -h localhost -u SOURCE_USER -pSOURCEPASSWD SOURCE_DB | mysql -h localhost -u DEST_USER -pDEST_PASS DEST_DB
copy files from one user public_html to another:
cp -R SOURCE_DIR DEST_DIR
I have working bash-scripts for both those tasks.
I do not want to give PHP full root access to the server, since that would be crazy, but instead:
How can I make specified bash-scripts executable from a PHP-file in one linux-user's public_html directory?
Alternatively: How can I give root shell access (via shell_exec) to ONE specified PHP-file on a server.
You could use this project: Github. It allows PHP to obtain and interact with a real Bash shell even as root without running the web server as root.
After composer/downloading you would simply use the following code:
//read the documentation: here you get a root shell if you allowed sudo
$shellObj = \MTS\Factories::getDevices()->getLocalHost()->getShell("bash", true);
//OR if you did not want to give the webserver sudo access, then you can use this syntax:
$shellObj = \MTS\Factories::getDevices()->getLocalHost()->getShell("bash", false);
\MTS\Factories::getActions()->getRemoteUsers()->changeUser($shellObj, 'root', 'rootPassword');
//In both cases you now have a shell as root. This really is a bash shell, its not just wrapping the PHP shell functions.
//All you have left is to issue commands just like you would on a bash prompt
$strCmd = "mysqldump -h localhost -u SOURCE_USER -pSOURCEPASSWD SOURCE_DB | mysql -h localhost -u DEST_USER -pDEST_PASS DEST_DB";
//for the vast majority of commands that finish within 10 sec you need only issue the command
$return = $shellObj->exeCmd($strCmd);
echo $return;// return from your command
//However if your command runs for more than 10 sec, you must set a timeout. e.g.
//timeout in miliseconds
$timeout = 20000;
$return = $shellObj->exeCmd($strCmd, null, $timeout);
echo $return;// return from your command
Feel free to issue more commands on the $shellObj, its a bash shell ready to take orders and as i said ready the documentation.
After an useful comment from arkascha I researched sudo and found Ezequiel Hdez's answer in sudo in php exec() to be useful in finding the answer to my question:
Allow myuser to sudo my shell script by adding in sudoers file (access it by typing visudo):
myuser ALL = NOPASSWD: /path/to/myscript.sh
Make script executable:
chown u+x /path/to/myscript.sh
Then in PHP (from "myuser")
exec("sudo /path/to/myscript.sh argument1 argument2");
Now I was able to do whatever I want from PHP, but ONLY via /path/to/myscript.sh
I have a string of script which working in terminal but does not work when I use it in PHP with shell_exec().I know a lot of questions similar to this question has been asked already but in my case the problem I am facing is that I have already tried the proposed solutions I found. Below is my simple code.
<?php
$output = shell_exec('mysql -u root -pmypass -h 127.0.0.1 mydatabase< db.sql');
echo "<pre>$output</pre>";
?>
So far this is the best solution I have found.
Does anyone knows what might be wrong?
Your shell_exec is this:
$output = shell_exec('mysql -u root -pmypass -h 127.0.0.1 mydatabase< db.sql');
And your command is this:
mysql -u root -pmypass -h 127.0.0.1 mydatabase< db.sql
The reason that command works when you are in the shell is the binary path to mysql is part of your user login profile.
To see what I mean, login to the shell as yourself and then type echo $PATH and what you will see is a list of search paths the shell uses to figure out where binaries you are attempting to run are located.
But when you attempt to run a script via shell_exec() the Apache server user running PHP is making the sell call. And that user typically does not have binary paths set. So you need to provide the full path to mysql which might be:
/usr/bin/mysql
Or:
/usr/local/bin/mysql
The best solution is from the shell use the which command like so:
which mysql
And then take the full path provided and adjust your shell_exec() command as follows; using /usr/bin/ for example:
$output = shell_exec('/usr/bin/mysql -u root -pmypass -h 127.0.0.1 mydatabase < db.sql');
Also, where is db.sql actually located? You would have to prepend the full path to that MySQL script like this as well; using /full/path/to/this/ for example:
$output = shell_exec('/usr/bin/mysql -u root -pmypass -h 127.0.0.1 my database < /full/path/to/this/db.sql');
i am trying to create a database using shell_exec and mysql commands. I do not want to use php built-in mysql_query because of severals reasons. However, i cant get the below command to execute successful. Anyone can show me some light on what went wrong?
$test = shell_exec("mysql -u root -pmypassword create database db_hello;");
var_dump($test);
The correct syntax is like this:
mysql -u [username] -p -e "create database somedb"
Or
mysql --user=user_name --password=your_password -e "SELECT 1 FROM information_schema.tables"
Reference: http://www.electrictoolbox.com/run-single-mysql-query-command-line/
$cmd = escapeshellcmd('mysql -u [username] -p -e "create database somedb"');
$test = shell_exec($cmd);
var_dump($test);
The issue might be the path to mysql in your php script.
For me was : /usr/local/bin/mysqld (osx 10)
I'm trying to execute route add command with PHP this way:
exec("/sbin/route -net 127.0.0.1", $output); and I'm getting SIOCADDRT operation not permitted. I suppose this is because I don't execute the route command through sudo.
But I can't do sudo from php because the command asks for the su password. So how can I run route add without sudo?
Thanks!
The best way to do this is, IMHO, is to create a shell script which use this command. After that, allow this shell script to be executed as root in /etc/sudoers.
The syntax to add in sudoers file can be found in this question's accepted answer.
So you just need to:
exec("/usr/bin/sudo /path/to/script");
This way, your root password is not exposed and you can add any command you'd like in your script.
You can send set sudo to get password from standard input using -S argument
exec("echo 'password' | sudo -u root -S /sbin/route -net 127.0.0.1", $output);
I've got a PHP command line program running. And I want to connect to a mysql shell straight from PHP. I've done this before in Python using os.execvp But I can't get the same thing to work in PHP.
I've tried the following functions:
system
passthru
exec
shell_exec
example:
system('mysql -u root -pxxxx db_name');
But they all seem to wait for mysql to exit and return something. What I really want is for PHP to launch the mysql shell and then exit it self. any ideas?
If you want shell commands to be interactive, use:
system("mysql -uroot -p db_name > `tty`");
That will work for most cases, but will break if you aren't in a terminal.
Give MySQL a script to run that's separate from the PHP script:
system('mysql -u root -pxxxx db_name < script.mysql');
In addition to what acrosman said, you can also use the -e switch to pass SQL from the command line.
$sql = ".....";
system("mysql -u root -pxxxx db_name -e \"$sql\"");
Also, I hope your not actually connecting to the database as root from a PHP application.