We Keep Coding

How to run a shell as root from php (apache)

I am using ubuntu server 20.04 LTS, where I have multiple shell files, using php from apache I need to run multiple shell files from a browser but need to run as root.
I have tried the command shell_exec and added sudoers (www-data) and none works, which I can put in the code to enter as root and be able to execute the shell script.
<?php
$code = shell_exec('echo "passwd" | sudo -u root -S sh /home/user/name.sh');
echo "<pre>$code</pre>";
?>

Because your are executing this script as www-data and www-data doesn't have the required privilege to execute any sudo commands.
You can try the following steps.
Modify www-data in /etc/sudoers to be able to execute a script as the superuser. This is a sensitive file and you have to use visudo as the editor to make the changes.
$ sudo visudo -f /etc/sudoers
www-data ALL=(ALL) NOPASSWD: /home/user/name.sh
This will allow www-data to execute the script as the superuser without a password.
In your PHP code change the command in your shell_exec() as follows:
$code = shell_exec(sudo sh /home/user/name.sh');
Make sure your name.sh is set up with proper file modes to protect yourself.

Executing sudo shell script by php

i am trying to execute pkill command by php script.
killengine.sh script runs fine from terminal, both with ./killengine.sh and php restart.php.
this is killengine.sh
#!/bin/bash
sudo pkill -f engine
and this is restart.php
$out = shell_exec("/var/www/killengine.sh 2>&1");
var_dump($out);
Both files have 755 permissions. Ownew of restart.php is apache, and root is owner of killengine.sh. Also i tried with both owners to be root/apache.
In visudo i made this changes:
Defaults:apache !requiretty
but i get: "sudo: no tty present and no askpass program specified"
Then i tried with
Defaults!/var/www/killengine.sh !requiretty
then i get: "sudo: sorry, you must have a tty to run sudo"
Also, this line is present all the time at the EOF
apache ALL=NOPASSWD: /var/www/killengine.sh
but without success.
OS is Centos 6
Any ideas?

solution:
changed restart.php to
$out= #shell_exec("sudo /var/www/killengine.sh");

running mkdir through php using shell script not working

I have created a file test.sh which looks like this:
#!/bin/sh
mkdir /testDir
If I run the script on the command line like: sudo /path/to/test.sh it successfully creates the directory.
I have added the sudo permissions like this in the visudo:
www-data ALL=NOPASSWD: /path/to/test.sh
and I am running the script like this in my .php file:
shell_exec('sh /path/to/test.sh');
But no directory is being created!
What am I doing wrong?!
Correct user for sudo permissions?
When I run shell_exec('whoami') on the php file I get:
www-data
Correct path to script from php?
I have tested the shell script by adding an echo statement like:
#!/bin/sh
mkdir /testDir
echo "hello"
And when I run the .php command like:
echo shell_exec('sh /path/to/test.sh');
the .php page returns
hello
I have also tried in the test.sh:
output=$( mkdir /testDir )
echo "$output"
but nothing is returned
Update
If I add this to the visudo:
www-data ALL=(ALL) NOPASSWD: ALL
it works!! But when I do:
www-data ALL=(ALL) NOPASSWD: /path/to/test.sh
It doesn't... As you know already know.
I have found a good way to debug by also changing the PHP to
echo shell_exec('sh /path/to/test.sh 2>&1 1> /dev/null');
and it returns the error:
sudo: no tty present and no askpass program specified
So I have tried:
adding Defaults:www-data !requiretty to the visudo but no luck!!!!
adding -t and -A to the sudo command... (ie sudo -t ...)
adding export SUDO_ASKPASS=/usr/lib/openssh/gnome-ssh-askpass before the sudo command and that then just leads to a whole new world of errors.
I have no idea about this requiretty as it does not seem to be anywhere on my ubuntu system. It is not mentioned once in the visudo?
I have spent too long on this!
Can someone tell me what the problems that I could come across if I did just do:
www-data ALL=(ALL) NOPASSWD: ALL
?

If
www-data ALL=(ALL) NOPASSWD: ALL
works, but
www-data ALL=(ALL) NOPASSWD: /path/to/test.sh
does not, then clearly the executed command does not match /path/to/test.sh.
And looking at your code, you are actually not invoking /path/to/test.sh:
sh /path/to/test.sh
You are invoking sh! With /path/to/test.sh as first argument, but still.
You either need to invoke the script directly (if that works):
shell_exec('/path/to/test.sh');
or update your sudoers file accordingly (note the full path of sh):
www-data ALL=(ALL) NOPASSWD: /bin/sh /path/to/test.sh

This worked for me: Added this to my ubuntu > sudoers file www-data ALL=/etc/path-to-my/script.sh
Hope this solves yours too

Some tips I would try:
try using exec instead of shell_exec
try disabling selinux if enabled
try to remove the /bin/sh prefix and use the shebang inside the script instead
become www-data (su www-data -s /bin/bash) and do your tests on the CLI
I hope this helps

How to run sudo terminal commands with php5?

Under a controlled environment, I will try to execute some calls to shell, some of such commands will include sudo privileges.
I tried this php code line:
$out = shell_exec('sudo -u root -S ls < /home/user/.y/.qqz');
Where at last .qqz is a file containing actual password.
However apache log shows this output:
[sudo] password for www-data:
Like the password file is not being passed to the command stdi?
I already made www-data part of the sudo group. How can I get my objective done?

PHP shell_exec touch file permission issue running as sudo

I want to create a file in PHP using shell_exec. Here's the statement I'm trying:
$out = shell_exec('sudo touch maintenance.flag 2>&1 1> /dev/null');
And contents of $out are
sudo: no tty present and no askpass program specified
I'm on Ubuntu 11.10, so I visudo to take a look at the sudo permissions. I set sudo to:
%sudo ALL=(ALL) NOPASSWD: ALL
but it's still not working. What are some things or alternatives I can try to resolve this?