If i run lpr from root, or even run from apache
runuser -l apache -c 'lpr -P RICOH_Aficio_2032 -r /var/www/html/website/tmp/test.txt'
works like a charm.
However, when i print using php_exec
exec('lpr -P RICOH_Aficio_2032 -r /var/www/html/website/tmp/test.txt 2> /var/www/html/website/tmp/error.txt');
i get the following error
lpr: Permission denied
I even set apache as the owner of test.txt
Php exec works when i use ls, cat ecc.
But lpr and lpstat don't work.
What's wrong?
Note: i'm on Centos 6.8 with php 5.6
After some research, i found the problem.
Selinux didn't let the httpd service access lpr/cups.
Disabling Selinux solved the problem.
Note: i don't need Selinux in my situation, but if you faced the same problem, note that disabling Selinux can be a security flaw, especially if the server is accessible outside of your network. Just add the rules to Selinux to let httpd/php do it.
Related
My php code runs a shell file, which opens a tmux session and runs a node.js bot. And when I write this code as php phpfile.php from the terminal, it works, but when I enter phpfile.php from the browser, it does not work. As far as I understand, the problem is with the permissions of the apache user, but it does not work even though I have given him all kinds of permissions. When I try the command sudo -u apache tmux new -s node I get the result [exited]
php code:
<?php shell_exec('bash ./tmux.sh'); ?>
shell code:
tmux new -s node
tmux send-keys -t node.0 "node ./js/bot.js" ENTER
Note: i added apache user to visudo like apache ALL=(ALL:ALL) NOPASSWD: ALL
Note 2: i run this in aws ec2 server using aws linux
if you are using an operating system that uses the security layer SELinux. Please try to turn it off or try writing a rule to it.
I always turn it off.
nano /etc/selinux/config
SELINUX=disabled
I'm trying to compile a C program with shell_exec() (I tried using exec() also). I'm using nginx on CentOS 6 as a server. Here is the command I try to execute:
/usr/bin/gcc /MyStuff/program.c -o program
I set the permissions of the files and the parent folders to 755 and also tried:
/usr/sbin/setenforce Permissive
But none of them seems to give result. The php is under user apache. The output of the command execution when
/usr/sbin/setenforce Permissive
is:
collect2: cannot find 'ld'
When
/usr/sbin/setenforce Enforcing
is
cc1: error: /MyStuff/program.c: Permission denied
Any ideas what's the problem?
I'm trying to get an image of the raspi camera via a php script.
It's installed php5, apache2 and all necessary stuff.
Snippet: /var/www/img.php
if(isset($_GET['pic']))
system("sudo raspistill -w 512 -h 320 -o /var/www/img/img.jpg");
When I run the command directly in the terminal it's working, but the php script not. With sudo php /var/www/img.php?pic I'll get an error:
Could not read input file: /var/www/img.php
First I thought it's a problem with the permissions, but isn't working even with root privileges.
Have anybody an idea? I'm really depressed..
Thanks a lot!
Solution
first it's necessary to change the owner of the apache directory:
sudo chown www-data:www-data -R /var/www
After that it's not necessary to prepend sudo:
exec('raspistill ...');
It's also possible with popen, system, ...
I'm trying to use proc_open() to execute a program and print the results. However, I keep getting 'Permission denied'. Have set chmod to 0777 for the script and executable, but to no avail.
ini_get('safe_mode') is false.
What could be wrong?
I'm using CentOS, Apache and PHP 5.3.3.
I had this problem with an identical setup, and the problem turned out to be SELinux (which is on by default) preventing httpd from executing my external programs. The problem, as I understand it, is that httpd has its own domain and can't touch things outside it. So, the simplest thing to do is to move your scripts into the /var/www directory and reset the file contexts:
restorecon -RF /var/www/
If that's not possible, you can instead change the context of your program in-place:
semanage fcontext -a -t httpd_sys_content_t "/path/to/program(/.*)?"
which will basically say that your program belongs to httpd.
Well, i have this program i need to run via either functions however it is located on my dekstop (this ubuntu 11.04).
I moved it to /home/Username, but no dice.
I run
$blah = exec('sudo | echo mypassword | /home/server1/program commandhere', $test);
var_dump($test);
var_dump($blah); ?>
The output is nothing.
I was told if i wanted to run it via sudo i needed to add the Apache user which is www-data to the sudoers list, i added it, but no luck again.
Basically, i've tried A LOT of things, it just wont run. Why?
EDIT:
If i paste that into the terminal it works great, just not with exec,system nor passtrhu.
Use echo mypassword | sudo -S instead.
It also depends on which user has sudo privileges. If you want to run this from the apache process, you need to give the apache user sudo privileges as well.
Also, just to clarify, the command should be:
echo mypassword | sudo -S /home/server1/program commandhere
Look into your security log. Not sure where this is on Ubuntu, possibly /var/log/secure or /var/log/messages. I'm betting that you find a message there similar to sudo requires a TTY, or sorry, you must have a TTY to run sudo indicating that sudo is configured not to work without a real interactive shell. That is, sudo won't permit you to use it in a script or to be called by an external program.
I recently dealt with this issue myself while trying to bind a Gnome keyboard shortcut to a sudo command.
If this is the case, you'll need to comment out the following line in /etc/sudoers
#Defaults requiretty