I am using raspberry pi 3(raspbian jessie) to capture image using fswebcam remotely using shell script and php. Since "motion" is running i need to stop the service then capture image and then restart it.
#!/bin/bash
DATE=$(date +"%Y-%m-%d_%H%M")
sudo service motion stop
fswebcam -r 640x480 --no-banner /var/www/html/sm/webcam/$DATE.jpg
sudo service motion start
The script works fine in terminal.Script is saved in var/www/html/sm. chmod +x webcam.sh also checked.
I also wrote a php script to execute above script using apache2 server.
<?php
$output = shell_exec('/var/www/html/sm/webcam.sh');
echo "<pre>$output</pre>";
?>
I was looking for a solution for past 6 hours. No luck. Tried to add www-data ALL = NOPASSWD: /var/www/html/sm/camera.php, www-data ALL = NOPASSWD: /var/www/html/sm/webcam.sh in /etc/sudoers. Changed permissions for folders www,html,sm. changed sudo with visudo. nothing worked. Php files does nothing, Please help me.
Related
I have below php script(test.php) in redhat linux.
<?php
shell_exec('touch /var/www/html/test.txt');
?>
If I run this script in command line (php test.php) ,it's working as expected.
But if I run test.php in browser(http://hostname/test.php) it's not creating file test.txt.
I tried edit sudo visudo www-data ALL=(ALL) NOPASSWD:ALL
Please help me on this!!
I guest it's because of permission, when you run in command line you run it as your user but when you run it via browser , it runs as web-service's user, so check the the permission of /var/www/html/ directory and set it's permission to 755 and change the owner to your web-service ( apache , apache2 etc you have as web serivce)
So
chown -R apache:apache /var/www/html/ (I'm not sure about your web-service, change it your webserice and it's group)
chmod -R 755 /var/www/html/
PHP will execute that just fine. But the system then does not find touch in the pathes it has to search.
Easiest, is to give the full path to touch. On my System using command whereis to find touch
$whereis touch
touch: /usr/bin/touch /bin/touch /usr/share/man/man1/touch.1.gz
So the script would be:
<?php
shell_exec('/usr/bin/touch /var/www/html/test.txt');
?>
I'm trying to get nightmarejs to work on my centos server and was able to do so by running xvfb-run however I need to call this command via a php exec() function.
when I do I'm just getting an empty result as though it doesn't work?
When I run it via command line (i.e. xvfb-run node my-script.js) everything works great. Any idea why it doesn't seem to work or be available to my php script?
Although Cono's answer does work, it is less secure as it gives YOUR_USER access to wheel, making YOUR_USER an administrator.
Instead, create a file in /etc/sudoers.d (RHEL/CentOS) with contents like: (presuming YOUR_USER is apache)
# Allow apache to run xvfb-run
Defaults:apache !requiretty
Defaults:apache visiblepw
apache ALL = NOPASSWD: /usr/bin/xvfb-run
This way, if the apache user is compromised they can only run the xvfb-run command.
(Answer thanks to ThirdNode)
Ok i figured it out. Basically, sudo access has to be granted for xvfb-run in order to call it via an executable script in php. To do so, log into terminal and do the following:
# sudo visudo
Make sure the wheel group is uncommented
%wheel ALL=(ALL) ALL
This means that users added to the wheel group will have access to call sudo commands
At the bottom of the file, grant your user access to the script
YOUR_USER ALL = NOPASSWD: /usr/bin/xvfb-run
Save your file and add your user to the wheel group
usermod -aG wheel YOUR_USER
finally, from your php script you can now call xvfb-run via sudo
<?php exec('sudo xvfb-run node my-script.js'); ?>
I want to start a Python script from inside PHP code but i can't get the script to run with sudo rights. I'm running a LAMP installation with PHP 7.1 and the script needs to download and create temporary files.
I have tried putting the script in sudoers like this www-data ALL=(root) NOPASSWD: /var/www/html/smuggler/process-data.py and with some other variation of this i found online, but it didn't work. I also tried to set the rights to the python file itself using chmod but that didn't work either.
Everything i found online didn't work.
The only way it works is when i run it from the terminal as sudo.
I'd appreciate if someone could help me. Thanks.
I'm making a PHP page with the purpose of creating and activating Apache VirtualHost files.
The pages generates the files and places it in /etc/apache2/sites-available/. After that a shell script is called by with:
shell_exec("/bin/sh /usr/local/bin/myscript.sh");
myscript.sh:
#!/bin/sh
file=$(ls -1t /etc/apache2/sites-available/ | head -1)
a2ensite "$file" 2>&1 >/dev/null
service apache2 reload 2>&1 >/dev/null
sleep 5
The script seems to be executed (the sleep time corresponds to the amount of time it takes to run and if I don't use 2>&1 >/dev/null I get the output from a2ensite).
But the site is never enabled.
It works fine if I run the script from terminal, so I'm guessing it's some sort of permission issue. I've been playing around with sudoers and file permissions for two days now, but always with the same results.
Been adding stuff like
www-data ALL=NOPASSWD: /usr/local/bin/myscript.sh
and chmod 777 for testing purposes, but nothing.
Is there any definite way to do this?
I'm running Ubuntu 16.04 and PHP7.
I think its because www-data don't have the right to execute the service and a2ensite commands.
Try this :
#!/bin/sh
file=$(ls -1t /etc/apache2/sites-available/ | head -1)
sudo a2ensite "$file" 2>&1 >/dev/null
sudo service apache2 reload 2>&1 >/dev/null
sleep 5
And then, edit the sudo file with sudo visudo and add
www-data ALL=NOPASSWD : /usr/sbin/service, /usr/sbin/a2ensite
I think you need a dot in between:
shell_exec('/bin/sh' . '/usr/local/bin/myscript.sh');
Also, I am using single quotes... as above.
or you can try:
shell_exec('/usr/local/bin/myscript.sh');
This is solved. The problem was not sudoers or file permissions. The commands were not executed correctly because Apache module mpm-itk was activated. Worked perfectly after I deactivated it.
I didn't need mpm-itk, but if anyone with similar problems needs it activated you could try this:
https://askubuntu.com/questions/491624/setresuid-operation-not-permitted-when-calling-via-php
(Thanks Myran)
I'm trying to get an image of the raspi camera via a php script.
It's installed php5, apache2 and all necessary stuff.
Snippet: /var/www/img.php
if(isset($_GET['pic']))
system("sudo raspistill -w 512 -h 320 -o /var/www/img/img.jpg");
When I run the command directly in the terminal it's working, but the php script not. With sudo php /var/www/img.php?pic I'll get an error:
Could not read input file: /var/www/img.php
First I thought it's a problem with the permissions, but isn't working even with root privileges.
Have anybody an idea? I'm really depressed..
Thanks a lot!
Solution
first it's necessary to change the owner of the apache directory:
sudo chown www-data:www-data -R /var/www
After that it's not necessary to prepend sudo:
exec('raspistill ...');
It's also possible with popen, system, ...