I'm following this tutorial.
I cannot get the gitpull.php script to execute a git pull when accessing the script through the browser.
I can manually execute a git pull from shell on my remote server.
I can manually run the php script:
<?php `git pull`;
which uses back ticks to run shell if I explicitly call the script in shell. php gitpull.php
I've checked permissions on the php file and the file belongs to www-data user. Why can I run the script through the shell but not the browser?
check path and permissions. also change owner to www-data if you are using a debian based distro.
ie: chown www-data:www-data scriptname
and check php error log for details.
It could be the permissions of your web server. The web server would need permissions to execute files.
What web server are you using?
Make sure that the file has the execute bit set.
Related
I am trying to transfer files from one server to another with the code below.
rsync -avz -e "ssh -i /root/.ssh/somekey" /var/www/admin/somefiles.txt root#xxx.xxx.xxx.xxx:/var/www/html_public/some-folder/
It works just fine if I do this on putty but if I do shell_exec this code on a php page and run the page on a browser. It does not work. It returns an empty string.
I hope someone can help me with this. Thanks in advance.
First, you need to check if you need to be a root or (sudo user) for running rsync.
If yes then exec() command will only work if it is run by same user on php-cli (not on browser by Apache user). i.e. Which user you are loggined into shell for run rsync.
If it is root or any elavated permission user with sudo permission then, This rsync command may not be available to apache/www-data user which is working when php script run from browser.
So You try to make a normal user and login through it, Then try rsync if you are successful then it may be interesting to see what are other problems can be, But if you getting access/permission denied then obviously you can not run this script at-least on browser.
Besides this One more thing permission may not be directly related to rsync command itself but with folder /etc/test/ which is owned by root user in normal scenario.
I have a php script that calls a python script which in turn is in charge of writing some files to disk.
If I execute the php script by entering its url in the web browser it can perform several filesystem related tasks:
it's able to create a dir
it's able to chmod the dir
but it's not able to execute the python script which would create and write other files.
The strange thing is that if I run the python script manually as www-data:
user#host $ sudo su www-data
passwd for sudo:
$ whoami
www-data
$ python my_script.py
It works like a charm.
I'm assuming the user when I run the script through the browser is www-data. So why is the result in the console any different?
SOLVED:
Python script starts off by importing some modules from my repository, which are appended to the path via .bashrc or .bash_profile on login consoles. These modules were not available from the browser to the user www-data. So adding this to the python script solved it:
import sys
sys.path.insert(0, 'path_to_my_modules')
solved it.
I apologize for the question. It didn't bring all the necessary information for users to lead to a solution. I guess the problem was so broad that it was difficult for me to start thinking of where its root was.
I lacked a good debugging technique to see what the error was. I commented out all the python script and begun with a simple print 'here'. Uncommenting lines one by one showed me the place where it just didn't print anything anymore (the error was obvious then).
First of all, don't assume that the user is www-data. You should get the output from whoami running from the PHP script to see if it is www-data. Also, you need to make sure your script has +x or execute permissions for the user.
You should read about execute permissions.
You need to use chown on your PHP script to change the ownership to the www-data user:
sudo chown www-data:www-data yourscript.php
Then you need to give the user execute permissions:
sudo chmod u+x yourscript.php
I have a couple of bash scripts on a Centos box which I use to do basic server admin stuff like restart services, etc. I run these as a standard user who is also the scripts' owner.
I tried to run these using shell_exec() in PHP, with the apache user, but it simply doesn't work - I'm guessing it doesn't have enough permissions (even with 775 and being in the correct group!) to run everything I want it to.
I've tried editing the sudoers file giving apache permission to run the script calls but it still doesn't work and has no error messages that I can see.
Any thoughts? How can one trigger a script from a web page which requires a different user to run?
check under which user is running apache ( for debian it is www-data)
add www-data in sudoers list with permission to execute files that you like
check which shell has www-data user in /etc/passwd (you will need to give valid shell)
run script with /bin/bash -x (it will output for sure)
Make sure safe mode is off. Also verify the user is the one you expect:
<?php echo exec('whoami'); ?>
I have a simple PHP script:
exec('git pull origin master', $shell_output, $output);
print_r($shell_output);
print_r($output)
When I call this via CLI php git.php, it works fine. I get the expected output, and a return value of 0. When I visit the page via a web browser, it fails with a return value of 1.
I've set file permissions to 777, and ensured php.ini doesn't block the exec() function.
The CLI runs with the currently logged in user's (you) credentials and it's most probably different from what the web server process uses. Do a exec('whoami') etc. to verify.
I was able to fix the issue with some help by Ates Goral.
To debug the issue, I ran:
sudo -u www-data php git.php
to see how the script behaved when run under the www-data user. There were two issues:
www-data did not have its own public key. I created one and added it to the github repo.
And the .git folder was not readable by www-data. This was fixed by chowning the directory to give permissions to the group www-data that both I and apache belong to.
I have to automate a process using php in which I have to append content in a file.
The file does not have any specific permissions specified but the folder 'abc' has read only permissions, so fopen() prompts permission denied when I try to append a file.
But I can edit the file manually and also from the command prompt. So I tried the following:
When I try
echo exec("echo Testing>>\\xx.xx.x.x\C$\abc\test.txt");
in my script, it does not work.
If the same command
echo Testing>>\xx.xx.x.x\C$\abc\test.txt
is run on cmd it works.
I even tried psexec:-
echo exec('C:/psexec \xx.xx.x.x cmd /c \"echo Testing>>C:\abc\test.txt\"');
again when i run
C:/psexec \xx.xx.x.x cmd /c "echo Testing>>C:\abc\test.txt"
on cmd it works fine.
Is it anything to do with exec() that I am doing wrong?
OR Is there any other way I can edit file, because I should not change the folder permissions but still get the process automated.
I assume you are using Windows. On Debian Linux, I would tell you to give write permissions to user www-data on the appropriate directory.
You probably need to give the local IIS worker account write permissions on the directory. The local IIS worker account is likely named something like IUSR_[SERVERNAME].
Some webhosts decides to remove the function exec for security reasons.
view your php info and check if yours is disabled.