I am trying to write to a file by running a python script as user www-data. When I run the script using the following:
sudo python my_script.py
it writes fine. When I run the PHP script as www-data it doesn't write. Permissions:
folder(PiControl....contains status_log file): drwxrwxrwx
file(status_log....the file I am trying to write to): -rwxrwxrwx User:www-data group:www-data
writing to file Python code:
#!/usr/bin/python
import datetime
status="on"
with open("status_log", "a") as myfile:
myfile.write("{} {} {}".format("<br>light is now:", status,datetime.datetime.now()))
I created a webpage button to run the file
Can someone tell me what to change here?
Because I had symlink'ed my web files from my home directory when the PHP read status_log they found it in my local directory, when www-data wrote to it (via the Python above) it created the file in /var/www, instead of /home where I was trying to read it from.
The solution was to change the path of the file being read to its location in: /var/www
Related
I have a php file that has a shell_exec call. The shell_exec functions runs a .sh file.
#!/bin/bash
filename=$(ls *.jpg -Art | tail -n 1)
codegen_dir=/usr/local/codegen/
cd "$codegen_dir"
out=$(./classifier /var/www/$filename)
echo $out
The executable 'classifier' exists in the codegen_dir and has 1 shared library dependency. The script runs correctly from the command line. The php file also runs correctly from the command line. however, when I run the php file as a http request I get the following in std_err:
"./classifier: error while loading shared libraries: libreader.so: cannot open shared object file: No such file or directory"
The .so file is in the same directory as the executable
My php server root is : /var/www
All files in the server root have the permissions:-rwxrwxrwx 1 www-data www-data
All files in 'codegen_dir' have the permissions: -rwxrwxrwx 1 ubuntu www-data
I am able to read other files in the codegen_dir
Shared libarary path might be not accessible by apache user. You can allow classifier program in sudoers file for apache and use sudo to run classifier application as apache user
Or
make shared libraray and its path accessible by all users by changing its permission
out=$(sudo ./classifier /var/www/$filename)
Try to login with apache user and run above script or try to access shared lib
su -s /bin/bash apache
I've just started with shell scripts a week ago so please be easy on me. When I run create.sh from the terminal, everything works great as expected. However when I execute the same script create.sh from create.php it doesn't work.
I'm executing my PHP script from the web browser by visiting the URL: http://192.168.8.108:8083/create.php
create.php – This file is responsible for running the create.sh file
echo shell_exec('/usr/local/panel/bin/create.sh');
create.sh – This file creates a directory under /var/www.
The permission
#!/bin/bash
sudo mkdir -p /var/www/example.com
Owner: root Access: Read and Write
Group: root Access: Read-only
Public: Access: Read-only
You need to make sure that user who run php script has correct permission. If script create.php run as apache then you need to make sure apache user has write access to /var/www directory.
I am trying a POC running a python script in a back-end implemented in PHP. The web server is Apache in a Docker container.
This is the PHP code:
$command = escapeshellcmd('/usr/local/test/script.py');
$output = shell_exec($command);
echo $output;
When I execute the python script using the back-end we are getting a permission denied error for creating the file.
My python script:
#!/usr/bin/env python
file = open("/tmp/testfile.txt","w+")
file.write("Hello World")
file.close()
This is the error I'm getting:
IOError: [Errno 13] Permission denied: 'testfile.txt'
For the directory im working with the permissions are as follows,
drwxrwsr-x 2 1001 www-data 4096 May 8 05:35 .
drwxrwxr-x 3 1001 1001 4096 May 3 08:49 ..
Any thoughts on this? How do I overcome this problem?
To start is is incredibly bad practice to have relative paths in any scripting environment. Start by rewriting your code to use a full path such as /usr/local/test/script.py and /tmp/testfile.txt. My guess is your script is attempting to write to a different spot than you think it is.
When you know exactly where the files are being written go to the directory and run ls -la and check the permissions on the directory. You want it to be writeable by the same user or group as the web server runs.
Looking at the permissions you have shown you don't have the user able to write to the directory, just everyone and the group. You need to add user write permissions - chmod u+w /tmp will do the job.
I believe the problem is that you are trying to write to an existing file in the /tmp/ directory. Typically /tmp/ will have the sticky permission bit set. That means that only the owner of a file has permission to write or delete it. Group write permissions on files do not matter if the sticky bit is set on the parent directory.
So if this is the contents of your /tmp
$ ls -al /tmp
drwxrwxrwt 5 root root 760 Apr 30 12:00 .
drwxr-xr-x 21 root root 4096 Apr 30 12:00 ..
-rw-rw---- 2 1001 www-data 80 May 8 12:00 testfile.txt
We might assume that users in the group www-data should be able to write to testfile.txt. But that is not the case, since . (the /tmp/ directory itself) has the sticky bit set (the t in the permissions section indicates this).
The reason why the sticky bit is set here is that everyone should be able to write files there, but not have to worry that other users might modify our temporary files.
To avoid permission errors, you can use the standard library tempfile module. This code will create a unique filename such as testfile.JCDxK2.txt, so it doesn't matter if testfile.txt already exists.
#!/usr/bin/env python
import tempfile
with tempfile.NamedTemporaryFile(
mode='w',
prefix='testfile.',
suffix='.txt',
delete=False,
) as file:
file.write("Hello World")
I have a simple shell script, it is entirely:
#!/bin/bash
echo "Hello world"
If I check ownership and permissions it is:
-rwxrwxr-x localuser localuser 31 Aug 16 12:00 shell.sh
I have a PHP file which is also owned by localuser (though I have tried with it owned by nginx, too) and has -rwxr-xr-x permissions. The thing is, my server is running as nginx. When I run a simple PHP file called test.php which in turn calls shell.sh it works in the command line, but never in PHP executed by visiting the page in my browser.
I have tried:
Setting the ownership of shell.sh to nginx
In the test.php file I have used chdir() and relative path to run shell.sh as well as absolute path
I have tried exec(), system() and shell_exec() to run shell.sh
I'm sure there is simply some permission issue I do not understand, but I have no clue what it is.
I need some help as my script doesn't create a file. I want to run this script at cronjob. I am using Debian Linux with PHP and Apache.
My script is locate at /var/www/myapplication folder. I want to create / write a file at /var/www/myapplication/testfolder.
The commands I use in the php script is:
echo `whoami`;
exec ('whatever >> testfolder/testing.txt');
Folder rights:
drwxrwxrwx 2 www-data www-data 4096 Jul 27 09:55 testfolder
When I run the script directly from browser (http://127.0.0.1/myscript.php)
it doesn't create the file (testing.txt)
echo whoami says: www-data
When I run the script from the server with root rights (su):
php -q /var/www/myapplication/myscript.php >>log3.txt
it creates the file (testing.txt)
echo whoami says: root
log3.txt is created at /var/www/myapplication folder
When I run the script from crontab:
/usr/bin/php -q /var/www/myapplication/myscript.php >>log3.txt
it doesn't create the file (testing.txt)
echo whoami says: root
log3.txt is created at /root folder
Why isn't testing.txt created my I run my script from crontab as a cronjob ?
You shouldn't be executing operating system commands directly, there are already functions and objects avaliable in PHP for writing and read files. As well, you shouldn't be giving them permission to be writing files to /. Even though you're running it from localhost, if you ever expose the service you're allowing public users to run operating system commands.
You also mention in your comment that you want to redirect the output of 'whatever' to a file, but I still don't see why you couldn't do this with the PHP provided functions.
Regardless, to answer the original question when you run the script via localhost you're accessing it via Apache which means the user www-data is running the PHP script. When you access it via your cronjob you're calling PHP from the commandline and another user is accessing the service.
You can see the error that is being returned from attempting to write to the file by logging in with the user running the cronjob and using echo exec(...).