I have a question that have been asked many time over the web, but none of the solutions help my case.
I need a very simple website with a single button, by which on click, a single shell command is executed to deploy a docker container.
For this I have 3 files all located in /var/www/html/:
1- Depl-Script (a simple Linux file, made executable by chmod +x and chmod 777, and does not have .sh extension, including a single command:
docker run -it -p 8080:8080 surrogate
2- a DepGUI.php
<?php
// $output=shell-exec("/var/www/html/Depl-Script"); //didn't work
$output=shell_exec("./Depl-Script"); //this doesn't work neither
echo $output; //prints 0
$output1=shell_exec("whoami"); //prints www-data
echo $output1;
?>
3- a Main.html, including:
<form action="DepGUI.php">
<input type="submit" value="Open Script">
</form>
Shell-exec doesn't work for running the shell script.
How do I know it doesn't work? I check docker containers, nothing is created.
What solutions I have tried:
1) The shell script (Dep-Script) works fine when I run it from CLI, by root user.
2)Just to make sure, I changed the etc/passwd file, found the line with www-data user and changed it's login shell to /bin/bash, and then by www-data (apache) user, I executed the same shell script, and it works. (I returned the /etc/passwd file to the original shape)
3)I have checked the /etc/php5/apache2/php.ini and /etc/php5/cli/php.ini and the exec, and shell_exec is not disabled.
4) I have checked the shell-exec and exec command with "sh" parameter, it did not work.
Any help/comment is appreciated in advance.
Thanks
Update:
I redirected errors to the output,
$output=shell_exec("./Depl-Script 2>&1");
I noticed the error is related to docker, "The input device is not a TTY" , then I got rid of -t in the docker command in the script (Dep-Script) and the error disappeared. I got a new error related to docker permissions and solved it using following link:
https://techoverflow.net/2017/03/01/solving-docker-permission-denied-while-trying-to-connect-to-the-docker-daemon-socket/
Related
Hello i was trying to use exec() in php via web page to execute a file in the root directory, and for some reason none of my commands work except
ls
witch even when i do
ls /root
it doesn't work seems i can only do ls in the current directory or commands like whoami which returns apache
i've tried setting user permissions for apache, and i've tried setting permissions for file or /var/www/html directory and nothing seems to work any ideas?, my basic code below
<?php
command = "ls /root";
exec($command);
?>
The exec command return only the last line of your command.
Like said in the documentation, you should add a second parameter to get the result or use the function passthru
I've been unable to run php scripts that I need to use to start and stop webcam services that run on the local machine with the scripts. I can find nothing in the logs to indicate why the script doesn't' work.
I confess to being severely handicapped regarding PHP, especially server-side scripting.
The environment is Debian Jesse running Nginx with all required SSH and PHP modules installed
I have added www-data to the sudoers file with:
www-data ALL=(ALL) NOPASSWD: /var/www/html/start_webcam.sh
Enabled the $PATH environment for www-data at:
/etc/php5/fpm/pool.d/www.conf
The shell script resides in the .../html directory and runs from the terminal with no issues.
This is the code for both the php and shell scripts:
start_webcam.php:
<?php
echo exec('sudo bash /var/www/html/aspirebox/start_webcam.sh 2>&1, $output');
print_r($output);
?>
The $output and print_r stuff is there because it was the last thing I tried based on a post I found out here somewhere.
start_webcam.sh
#!/bin/bash
service motion start
Thanks in advance to anyone out here that has a clue. After 2 days of wrestling with this, I am sure that I do not.
according to Passing Variables to shell_exec()? you should change your code like this:
<?php
$output = exec('/var/www/html/aspirebox/start_webcam.sh 2>&1 ');
print_r($output);
?>
and let your bash script execute as all (no need to sudo bash):
chmod a+x /var/www/html/aspirebox/start_webcam.sh
Thank you very much - that worked.
I worked through getting the path straight for the directory the shell script runs in, and the correct path to run "service".
All I have now is to figure out why I'm getting "Failed to start motion.service: Access denied"
I've given www-data permission to run the script without a password on sudoers, have to keep digging.
Thanks again!
I have written simple php script to help me update site contents when the commit is sent to bitbucket. I have following problem with it.
<?php
$repo_dir = '/var/www/vhosts/my_full_path';
$output = shell_exec('cd '.$repo_dir.' && hg --config auth.rc.prefix=https://bitbucket.org/XXXXX --config auth.rc.username=my_username --config auth.rc.password=my_pass pull -u https://bitbucket.org/XXXXXXX &');
echo $output;
?>
When I type it to web browser it doesn't work. The output of script is:
pulling from https://bitbucket.org/XXXXXXXXXXXXXX
but when I try to execute it under console on the server it works like a charm:
php myscript.php
generates following output:
pulling from https://bitbucket.org/XXXX
searching for changes
adding changesets
adding manifests
adding file changes
added 2 changesets with 2 changes to 1 files
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
See the oupt is full and correct! in concole I'm using root user in web browser data-www? Is there any difference in this case?
I have found the solution. I hope it helps someone.
There were two problems:
Permissions to my repo dir
Authentication for user www-data for this repo
The problem occured because web browser doesn't flush warnings and abort messages while executing command shell_exec. If you want to test your script, you have to lgoin to console by SSH (as root for example) then execute script / command as apache user:
sudo -u www-data php /path-to-your-script/script.php
In console you will see all problems which following user generates.
I want to start program when I enter my webpage, and problem is in permissions(??) because when I try
echo exec('whoami');
I've got valid response (www-data) but when i try code like it:
echo exec('/var/www/./sitesend');
and
echo passthru(/var/www/./sitesend');
I got no response. I tried to
chown www-data /var/www/sitesend
chmod 755 /var/www/sitesend
My C++ app runs correctly, and its sending by NRF infromations to turn lights.
But not work, when enter page app won't run and I don't get any reps in echo.
I don't have a conclusive answer, but you can try a number of things:
Try the follow command to see if www-data may run the command.
sudo -u www-data /var/www/sitesend
Try running a PHP script with the passthru command from the commandline.
See if you're running AppArmor for the Apache process. AppArmor will block execution for files not white listed.
ls /etc/apparmor.d
I actually try to laucnh a gnome-term with a php script, seems i have some problems with the users www-data;
my script make only a ls -l command in a directory (is just for a test) and i run it with a php page in my local-web site.
here the gnome-terminal command in my bash script (he run perfectly when i double-click on him) :
gnome-terminal --working-directory=/opt/cuckoo -x bash -c "ls -l"
and here is the call on the php-page :
system("/my/path/to/the/script/script.sh");
i have some echo in my script and i see them in the php page after i try to run the script with the php.page.
i think www-data don't have the right to do so i give the ownership of the script with the chown command, and at last a try the sudo visudo command and make the script execute like the user www-data is root (with NO PASSWD arg)
But i can't open the terminal and make a ls at last, i try with exec too, and show the result with $ouput butthe result is the same as well.
At last my question is : Php can really run a terminal or maybe a fool myself^^? Thanks for taking time to rescure me ;)
PHP can run everything, but depends who spawns it. Forget just running X apps from a web server - you'll need more than just executing them (permissions, DISPLAY and Xauth settings). Read more about the X clients and architecture.
Probably the right place to ask this is at SuperUser, since the problem is not in the coding itself.