I need some help as my script doesn't create a file. I want to run this script at cronjob. I am using Debian Linux with PHP and Apache.
My script is locate at /var/www/myapplication folder. I want to create / write a file at /var/www/myapplication/testfolder.
The commands I use in the php script is:
echo `whoami`;
exec ('whatever >> testfolder/testing.txt');
Folder rights:
drwxrwxrwx 2 www-data www-data 4096 Jul 27 09:55 testfolder
When I run the script directly from browser (http://127.0.0.1/myscript.php)
it doesn't create the file (testing.txt)
echo whoami says: www-data
When I run the script from the server with root rights (su):
php -q /var/www/myapplication/myscript.php >>log3.txt
it creates the file (testing.txt)
echo whoami says: root
log3.txt is created at /var/www/myapplication folder
When I run the script from crontab:
/usr/bin/php -q /var/www/myapplication/myscript.php >>log3.txt
it doesn't create the file (testing.txt)
echo whoami says: root
log3.txt is created at /root folder
Why isn't testing.txt created my I run my script from crontab as a cronjob ?
You shouldn't be executing operating system commands directly, there are already functions and objects avaliable in PHP for writing and read files. As well, you shouldn't be giving them permission to be writing files to /. Even though you're running it from localhost, if you ever expose the service you're allowing public users to run operating system commands.
You also mention in your comment that you want to redirect the output of 'whatever' to a file, but I still don't see why you couldn't do this with the PHP provided functions.
Regardless, to answer the original question when you run the script via localhost you're accessing it via Apache which means the user www-data is running the PHP script. When you access it via your cronjob you're calling PHP from the commandline and another user is accessing the service.
You can see the error that is being returned from attempting to write to the file by logging in with the user running the cronjob and using echo exec(...).
Related
I have a php file that has a shell_exec call. The shell_exec functions runs a .sh file.
#!/bin/bash
filename=$(ls *.jpg -Art | tail -n 1)
codegen_dir=/usr/local/codegen/
cd "$codegen_dir"
out=$(./classifier /var/www/$filename)
echo $out
The executable 'classifier' exists in the codegen_dir and has 1 shared library dependency. The script runs correctly from the command line. The php file also runs correctly from the command line. however, when I run the php file as a http request I get the following in std_err:
"./classifier: error while loading shared libraries: libreader.so: cannot open shared object file: No such file or directory"
The .so file is in the same directory as the executable
My php server root is : /var/www
All files in the server root have the permissions:-rwxrwxrwx 1 www-data www-data
All files in 'codegen_dir' have the permissions: -rwxrwxrwx 1 ubuntu www-data
I am able to read other files in the codegen_dir
Shared libarary path might be not accessible by apache user. You can allow classifier program in sudoers file for apache and use sudo to run classifier application as apache user
Or
make shared libraray and its path accessible by all users by changing its permission
out=$(sudo ./classifier /var/www/$filename)
Try to login with apache user and run above script or try to access shared lib
su -s /bin/bash apache
Can I write a shell script which anyone can execute which INTERNALLY switches user (or elevates to root) and then runs those commands without exposing the executing user to root privileges?
Some background: I have a shell script which gets a file from my local network (using smbclient) and then converts and treats said file to a csv ready to import into my MYSQL DB. I can run the file as myself but when I try and execute it thru in PHP exec() or shell_exec() I get permission issues because it's user is www-data.
I've spend a day tring various file permision changes, apending the path environment and even reading up on granting www-data sudo rights (without success) but, rather than all that can I create a file anyone (www-data) can execute and safety perform the commands within (and only the commands within) as my user or sudo?
you can do this by editing /etc/sudoers
sudoedit /etc/sudoers
add this line
Cmnd_Alias YOUR_CMD_ALIAS= /path/yourShellScript
[User's name] ALL=(ALL) NOPASSWD: YOUR_CMD_ALIAS
then execute your code with sudo
sudo /path/yourShellScript
I've just started with shell scripts a week ago so please be easy on me. When I run create.sh from the terminal, everything works great as expected. However when I execute the same script create.sh from create.php it doesn't work.
I'm executing my PHP script from the web browser by visiting the URL: http://192.168.8.108:8083/create.php
create.php – This file is responsible for running the create.sh file
echo shell_exec('/usr/local/panel/bin/create.sh');
create.sh – This file creates a directory under /var/www.
The permission
#!/bin/bash
sudo mkdir -p /var/www/example.com
Owner: root Access: Read and Write
Group: root Access: Read-only
Public: Access: Read-only
You need to make sure that user who run php script has correct permission. If script create.php run as apache then you need to make sure apache user has write access to /var/www directory.
I need to execute a Ruby file via PHP on Debian 8 & Apache server.
The current code looks like
exec('/usr/local/rvm/rubies/ruby-2.1.1/bin/ruby /var/www/project/_backend/pull-data.rb clients', $null, $returnVal);
echo intval($returnVal);
In this example, $returnVal (see exec()) returns 1 which could be missing permissions for executing the specific file.
The current permissions for pull-data.rb:
-rwxr-xr-x 1 www-data www-data pull-data.rb
Watching the Apache error log a Load Error occures when the php scripts calls the ruby exec command:
`require': cannot load such file -- mysql2 (LoadError)
The MySQL2 gem is installed and executing the Ruby file via the shell ruby command just works fine.
Thanks,
Roman
I am trying to write to a file by running a python script as user www-data. When I run the script using the following:
sudo python my_script.py
it writes fine. When I run the PHP script as www-data it doesn't write. Permissions:
folder(PiControl....contains status_log file): drwxrwxrwx
file(status_log....the file I am trying to write to): -rwxrwxrwx User:www-data group:www-data
writing to file Python code:
#!/usr/bin/python
import datetime
status="on"
with open("status_log", "a") as myfile:
myfile.write("{} {} {}".format("<br>light is now:", status,datetime.datetime.now()))
I created a webpage button to run the file
Can someone tell me what to change here?
Because I had symlink'ed my web files from my home directory when the PHP read status_log they found it in my local directory, when www-data wrote to it (via the Python above) it created the file in /var/www, instead of /home where I was trying to read it from.
The solution was to change the path of the file being read to its location in: /var/www