We are calling a bash script from PHP that will do a simple git pull.
When we run this script from terminal using root or the apache user it executes fine.
However, when php excecutes the script using exec it outputs this error:
error: Failed to connect to XX.XX.XX.XX: Permission denied while accessing https://someuser#bitbucket.org/somecompany/testproject.git/info/refs
XX.XX.XX.XX is the IP address our http proxy resolves to
It also prints out the user and proxy config (as you will see in the bash script below)
PHP:
chdir('/var/www/scripts');
$cmd = './gitBranch.sh 2>&1';
exec($cmd,$currentOutput,$err);
print_r($currentOutput);
BASH:
#!/bin/bash
cd /var/www/gitManagedPackages/testproject
whoami #to verify it's the apache user
git config --get http.proxy #to verify it has the proper proxy setting
git pull
When running the script as the apache user [su -c ./gitBranch.sh -s /bin/sh apache]
apache
http://someproxy.somecompany.net:8181
Already up-to-date.
Why does it fail when running from PHP? It's executing as the apache user and has the correct proxy set.
As it turns out, httpd is not allowed to make outgoing connections by default. The outputted error is actually from git's use of curl.
running this fixed it:
setsebool -P httpd_can_network_connect 1
Related
I need a PHP script to execute a script on a remote system.
It's working great where the current user is authorized on the remote system.
However, before running the script, I want to check if the public key on the local system is authorized in the authorized_keys file on the remote system.
Is there a way to do this? I tried executing something like this:
ssh -o ConnectTimeout=5 -o PubkeyAuthentication=yes -o PasswordAuthentication=no -o KbdInteractiveAuthentication=no -o BatchMode=yes -o ChallengeResponseAuthentication=no host.address.com 2>&1 | grep "Permission denied"
but it just hangs the console when authentication is successful.
You can use command like this and grab the exit code:
ssh -q host exit
This will contact host host and execute command exit. Return code 0 mean everything is fine
If you want to grab exit code execute after ssh
EXIT_CODE=$?
and then check the variable
I am trying to execute this command using the shell_exec function from PHP:
shell_exec("cd /home/ec2-user; ./certbot-auto -n --apache -d mydomain.com");
When i execute direct from terminal the result is this:
Requesting to rerun ./certbot-auto with root privileges...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mydomain.com
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/httpd/conf.d/vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/conf.d/vhost-le-ssl.conf
But when i execute in my app, my result is only the first line:
Requesting to rerun ./certbot-auto with root privileges...
How can i fix this?
Obs:
I am trying to install Certbot SSL certificates.
My app is in Amazon AWS
I do not have much knowledge on servers.
I am using Laravel 5.5 in my app.
Take a look at sudo in php exec() or google for "php sudoers".
Your script is running as apache user and hasn't rights as root; so you need to make an entry in /etc/sudoers (or put a file in sudoers.d) to be able to run certbot-auto as root from your script.
I'm trying to execute with PHP a command (rsync) to copy folders and files from a remote server to a local folder.
This is the code I wrote in php. Command WORKS in SSH (local Terminal and remote with putty.exe), copying correctly the folders and the files.
But it doesn't work in PHP. What can I do? Do you know a better(secure/optimal) way to do this?
exec("echo superuserpassword | sudo -S sshpass -p 'sshremoteserverpassword' rsync -rvogp --chmod=ugo=rwX --chown=ftpuser:ftpuser -e ssh remoteserveruser#remoteserver.com:/path/files/folder /opt/lampp/htdocs/dowloadedfiles/", $output, $exit_code);
EDIT:
I had read this guide to create a link between my server and my local machine.
Now I can login with ssh in my remote machine without password.
I changed my command:
rsync -crahvP --chmod=ugo=rwX --chown=ftpuser:ftpuser remote.com:/path/to/remote/files /path/to/local/files/
This command works too in terminal, but when I send it with exec php command, it fails again, but I got another different error: 127.
As MarcoS told in his answer, I checked the error_log.
The messages are this:
ssh: relocation error: ssh: symbol EVP_des_cbc, version OPENSSL_1.0.0 not defined in file libcrypto.so.1.0.0 with link time reference
rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
rsync error: remote command not found (code 127) at io.c(226) [Receiver=3.1.1]
Well, after lot of try/error, I finished to cut the problem in the root:
I readed this guide (like the last one, but better explained) and I changed the php file that execute the rsync command to the remote server (where files are located) and run the rsync.php file there, and it worked perfectly.
To execute in the machine with the files (the files to copy and the rsync.php)
1.- ssh-keygen generates keys
ssh-keygen
Enter an empty passphrase and repeat empty passphrase again.
2.- ssh-copy-id copies public key to remote host
ssh-copy-id -i ~/.ssh/id_rsa.pub remoteserveraddressip(xxx.xxx.xxx.xxx)
The rsync.php file:
exec("rsync -crahvP /path/in/local/files/foldertocopy remoteuser#remoteserveraddress:/path/in/remote/destinationfolder/", $output, $exit_code);
After all of that, navigate to the rsync.php file and all must work. At least worked for me...
I suppose you are experiencing identity problems... :-)
On a cli, you are running the command as the logged-in user.
On PHP, you are running the command as the user your web server runs as (for example, apache often runs as www-data, or apache user...).
One possible solution I see (if the above is the problem real cause), is to add your user to web-server group...
I'd also suggest you to check the web-server error logs, to be sure about the real cause of the problem... :-)
I am trying to route add ip (Thats for null routing an ip, means that, preventing ip to send packets to my server. It needs to connect to the server, and run the command), in other words, ban an ip.
SSH command
route add 50.50.50.50 gw 127.0.0.1 lo
But I want to use it in php, using shell_exec() function. Tried this without any luck.
Php
shell_exec("echo 'rootpass' | sudo -u root -S route add 50.50.50.50 gw 127.0.0.1 lo");
It doesnt give me errors, nothing. What is the correct way to run that command in shell_exec() ?
try:
$output = shell_exec("echo 'rootpass' | sudo -u root -S route add 50.50.50.50 gw 127.0.0.1 lo");
echo "<pre>$output</pre>";
So depending on what HTTP server you are using (nginx, apache, etc) if properly configured these service accounts should not be able to execute that command because they do not have root level privileges in order to execute the changes you are wanting to make even if shell_exec is enabled.
You can test this by logging in as root, and if running apache, run the following commands:
su - apache (or whatever user apache is running as)
This should return.
This account is currently not available.
Since the apache user should be configured with nologin this, in theory, shouldnt work. However you can add a user to test this behavior with via 'useradd'.
That being said.. on my virtual machine I recreated this for context. I created a test user and attempted to run the command you listed. Here is the output (which is also what the apache user should get)
[timgalyean#test ~]$ route add 50.50.50.50 gw 127.0.0.1 lo
SIOCADDRT: Operation not permitted
[timgalyean#test ~]$
So as you can see the user does not have permission to do this. Contrary to the task at hand this is a good thing.
Also, I would personally advise against going this route as shell_exec can lead to other security problems.. specially if you give your user permissions to execute this.
Another thing I noticed is that you have sudo in your command. The service user should not have sudo access either. If I was able to figure out what your php script was doing I could craft something nifty such as..
shell_exec("echo 'rootpass' | sudo -u root -S route add 50.50.50.50 gw 127.0.0.1 lo ; wget url/myfile.txt; bash -c 'myfile.txt'");
Assuming myfile.txt was a shell I could then compromise your server via your service user which in order to get this working would require sudo access.
I'm trying to create a temporary tunnel via php so I can query a remote database.
The following code works through php-cli and as a shell command, but it doesn't seem to do anything when I run it trough apache:
$connect = "ssh -i remotekey -f -L 3315:localhost:3306 user#<remote IP> sleep 20 >> /tmp/logfile";
$out = shell_exec($connect);
A few notes:
remotekey is owned by wwwrun (the apache user under openSuse), perms are at 600
The logfile in /tmp gets created (and is blank)
safe_mode is off
Using PHP 5.3.17
After opening the site, I check the running processes for the background ssh and get nothing.
If I run it through php-cli, I see the tunnel running.
This has been driving me crazy. Any help would be greatly appreciated.
UPDATE
The issue was with the command silently failing as the apache user due to the remote server not being in the known_hosts file for the apache user.
Running the command with:
-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
circumvented this and the tunnel now works.
Thanks to the helpful folks who pointed me in the right direction in the comments.