I am working on a game panel and I building it in PHP and BASH. So, the web panel controls the game severs by running bash scripts when buttons are pressed. So far so good. My problems come when I need to run the bash scripts because the user running them needs sudo privileges or the scripts will have a an unexpected behavior:
Should I create a new user and give it sudo privileges, then login to the server via SSH (through PHP)? If so how can I store the login credentials safely so if a hacker breaches my website he won't find them?
Should I give www-data sudo privileges to the specific scripts? Is this a dangerous approach?
Is there any better and more secure way to run bash scripts from a webpage?
I am a newbie PHP developer and my first project is a game panel running on Ubuntu server. Please have mercy. :)
I wouldn't run any bash scripts directly from PHP, instead I would decouple the two by using a message queue.
Have the PHP script send a message to an exchange and mark the action as "in progress". Then have a bash script run as a consumer for a queue that receives the message, process it and run the necessary script. Finally pass the message on to another queue which is consumed by PHP and update the action status as "completed" or "failed", depending on the outcome. This is not a synchronous process but it's the safer way to handle it.
Suggested reading:
RabbitMQ
RabbitMQ and bash
What you are trying to do here is very dangerous, if you can execute bash scripts from within a web page you will be hacked and the hacker will have full access on your machine.
What you need to do depends on what your project is, but basically you want to setup some form of server that will run you bash commands and have your web page call that server. This is not straight forward.
Related
This is a Ubuntu system and I need the PHP to execute a program with a specific username, let's say, userA.
I used php exec() function to call sudo -Eu userA command_to_run_program, it did not work because of some security features or environment variables missing on Ubuntu.
So I'm thinking if this alternative way can be achieved:
From the back-end, there is a shell script with a fixed Pid running and waiting for signals. If this process receives a specific signal, it would execute the program. Let's say I manually started this shell script with userA. So I assume when it receives the signal and execute the program, the program is executed with userA.
And there is a apache server with PHP on this machine. The front-end user goes the PHP page and the php program sends the signal to the running shell script, awake the shell script and thus the program is executed by userA.
If it can be achieved, what is the best practice to do so?
Thanks for your help!
In other words, you need some kind of privilege escalation from the user account of the webserver to a (specific?) different user. This has security implications, but I assume that you have considered the possibilities.
Anyhow, following steps should work:
Create a program (albeit just a shell script) that runs the according code.
Put the program into a place where the webserver can access it.
Make the target user the owner of the program and set the SUID bit. That way, executing it will cause it to run under the user's account.
Make the webserver group the group of the program and only allow it (not other users) to run the program via the executable bit.
See the manpages of chown and chmod for further info.
I'm fully aware that PHP has a range of functions available to issue commands to the DOS bck-end of the Windows operating system, alas from my experience. This runs in a completely seperate scenario.
I've been researching into the methodology of issuing commands to an already running command prompt and printing out the results. My current setup is as followed:
Windows Server 2008R2 (IIS, PHP5.5,MSSQL & MySQL server)
an already running command prompt screen initialized by the following:
C:\Datalog\sys\dedi.exe -logfile=C:\inetpub\wwwroot\Syslog\
The problem now, is that the functions that I'm aware of, such as:
exec(), system() and passthru() only run commands in a seperate envrionment.
Why Don't I start the executional with php?
This can be done with either PHP and/or with an ajax solution, but the problem that will be encountered is that when navigating away from the page the executional will close & when navigating to page again, it might cause duplicate running environments
So, my overall question.. Is it possible to use PHP to issue commands to an already running command prompt screen? which is kept alive by the operating system?
The short answer is no, this is not possible. The web server will launch new processes separate from any other shell. You could write a command line app that runs continuously in a command prompt and takes IPC messages from the web app to get instructions, but this is probably too convoluted given your main concern:
the problem that will be encountered is that when navigating away from
the page the executional will close & when navigating to page again,
it might cause duplicate running environments
These are concerns that can be resolved in other ways. Processes can be launched asynchronously to run apart from the web application and continue if the connection is closed. To prevent "duplicating the running environment" the launched processes or the web app can use semaphores or other techniques to prevent duplicate runs.
i start a linux console app from my php5 script, it starts ok but then termintates. I've tried using system(), shell_exec and tried starting as background process but to no avail it starts and then quits.
What i am trying to achieve is from a remote browser start a console app using a php5 script and then it should remain running (just as it would if i started it from a bash shell) , i then want to send commands (from a bash shell it would be keyboard strokes) to the console app from another set of php5 scripts. Hope its clear what i am trying to do.
If anyone could give some info on the best way about doing this, as i think i may have something fundamentally wrong.
I have a Debian Lenny box running apache.The console app is just a simple program that prints to stdout and reads from stdin.
How do you expect to send input to this app? Where is it listening for input?
It simply may only support interactive use, and exit as a result of that. Or, even simpler, it may terminate because it sees that is has no input (nothing piped in or nothing from some file) and since it's not connected to an interactive shell, it has nothing to do. There's no point in waiting for input from a user that doesn't have a way to interact w/ the application.
On every request, PHP starts up, compiles your script and executes it. After execution, the script exists. When the script exits, all of the resources it was using, including file handles, database handles, and pipes to other programs are terminated.
You're going to need to find another way to keep your program open and have PHP communicate with it. Otherwise, every request to your script is going to open a new copy of the program, and then both will exit when the PHP script is complete.
Unfortunately without knowing what the program is, it will be hard to offer suggestions on how to go about doing this.
The Setup:
I have a LAMP server (Ubuntu 9.10) which is also hooked up to my HDTV. Upon boot, one user is automatically logged in so as to have a desktop environment on screen.
What I want:
I've been developing a remote, web interface in PHP for various things (play music, for example). However, I've hit a snag in that I would like to run a windowed program and have it display on the TV. Obviously, since PHP/Apache is running under the user www-data, this isn't going to happen just by running my command via exec().
Is there a Linux command that can run it as the currently logged in session of my other user, or a program that?
The (X) program starting uses the DISPLAY variable to determine which X session to hook up to. You'll need to figure out which X session the user currently has, if this is a one-user box is's most likely to be :0.
Then you could write a simple bash script to
1. Set the DISPLAY (and other variables as needed)
2. Execute.
--
Another solution would be to write the necessary information to a flat file and then have a cron job checking for updates every one or three seconds. The cron can be configured to run as a specified user. Ugly, but sould work.
As mataisf says - you need to set the DISPLAY variable so the program knows where to generate the window. However there is an authentication system which prevents unauthorized programs from access an X server (the place where the keyboard, screen and mouse are). One way around this is to let any program connecting from the local machine have access:
xhost +localhost
....but a better solution would be to run the program as the user logged in. There are lots of different ways to do this - but probably the most practical is via sudo, e.g.
sudo -u console_user program
Note that before you do this you might want to set the HOME variable so that xauth works properly (you can do this with the -H flag for sudo).
Note that you need to configure the program, the console_user and the webserver user in the /etc/sudoers file.
C.
I need an application to be running in the background on my web server, but I need to be able to start/stop the application with root privileges.
In order to do this, I want to have a service running that has root privileges, so that it can kill the application, and start it up again if need be.
Finally, I need to be able to send the start and kill commands to the service via Apache/PHP, so that it can be indirectly controlled through the web.
How do I create a Linux service?
How do I communicate with a Linux service in this manner?
Thanks in advance!
Use the exec command in your PHP script to call shell files. The shell files can be setup with the "setuser" bit so it will run as its owner (instead of running with the web server's permissions).
Of course, you'll need to be very careful--lots of testing, monitoring, etc.
Finally, think about the service running as a dedicated user, not as root. Eg like apache and most other well done services do.
Added: Re: running a service in Linux. Depends on your flavor of Linux. If you want to be sure that your app service will be automatically re-started if it fails, plus logging, checkout Runit:
https://web.archive.org/web/1/http://blogs.techrepublic%2ecom%2ecom/opensource/?p=202
http://smarden.org/runit
Added: Instead of setuid bit, I think Frank's suggestion (in comment) of using sudo system is better.
So, you have three pieces here :
Your web server without root privilege
An application
A daemon that is monitoring the application
Your problem is not launching the daemon, it is writing it, and communicating with it from the web server, without needing root privilege.
A daemon can be as simple as a non interactive application launched in the background :
# my_dameon &
I am not a php developper, but searching for message queue and php, I discovered beanstalkd
Looking at the example on the first page it seems you can use it to do the following :
The apache/php sends some message to beanstalkd
Your daemon reads the message from beanstalkd. Based on the command it starts or kill or reload the background application.
You can write your daemon in php, since there are client in many languages
You can also check this question
You can create a daemon which accepts the following commands:
daemon_name start
daemon_name stop
daemon_name restart
deamon_name reload
Starting the daemon should not be hard. Just executing daemon_name start from a PHP script should run it. After starting, you can write the PID of the process to a lock file (for stopping, restarting or reloading later). The daemon should handle signals.
In a PHP script, you can then invoke daemon_name stop. This should fire up a new daemon which would check the lock file and get the PID of the running daemon and send a signal which would be handled by the running daemon. The lock file should be removed/cleared and then the stop initiating daemon/process can quit.
I think you should look at inetd, which can be configured to run all sorts of services, and it runs as root. You could then write a relatively simple program that is not itself root privileged, but which when run by root does the tasks you need done.
As far as communicating with the service you did not say what type of service it is, however assuming you're writing it yourself the most common methods would be to comunicate via UNIX sockets or MMAP. Depends on your needs really.
Oh yeah, should point out there are already applications for web management of linux systems. Webmin is a really good one which can be configured to allow as much or as little control as you need.
As #shodanex suggests, using Beanstalkd would be an excellent way to disconnect a web-front-end from a running-as-root command line worker. It could trivially be set to only run exactly what was required.
To run the worker, Pear's System_Daemon can generate and run a daemon-running script, with start/stop/restart.
When doing this be very very careful. Never use any user submitted data from the web in the exec command. this could allow someone to arbitrarily execute commands on your machine.
Also I second Frank use a sudo rule so you can run that specific command with the permissions you need but nothing else. It will be more secure that way.
Of course with
sudo apt-get install openbsd-inetd
you can create a service you want