exec command and non-root user - php

I want to execute a command in PHP using exec() in my script like so but it is not working:
exec('/bin:/usr/bin/php -f /home/myname/public_html/sample_script.php | at now');
I have error reporting on and nothing reports an error. I am allowed to use the exec() function.
I ran the following command in SSH as root and it worked fine:
php -f /home/myname/public_html/sample_script.php | at now
I am on a VPS hosting plan.
My script is owned by myname and not root. Could that be why the exec() line is not working in the script?
If you need any more information, please ask.

To use the 'at' command I added www-data ALL=(ALL:ALL) NOPASSWD: ALL to the sudoers file. I also changed the exec call to exec('echo /usr/bin/php -f /home/myname/public_html/sample_script.php | sudo /usr/bin/at now').

Related

How to run a shell as root from php (apache)

I am using Ubuntu Server 20.04 LTS, where I have multiple shell files. Using PHP from Apache, I need to run these shell files from a browser, but they need to run as root.
I have tried the shell_exec command and added www-data to sudoers, and neither works. What can I put in the code to run as root and be able to execute the shell script?
<?php
$code = shell_exec('echo "passwd" | sudo -u root -S sh /home/user/name.sh');
echo "<pre>$code</pre>";
?>
Because you are executing this script as www-data and www-data doesn't have the required privilege to execute any sudo commands.
You can try the following steps.
Modify www-data in /etc/sudoers to be able to execute a script as the superuser. This is a sensitive file and you have to use visudo as the editor to make the changes.
$ sudo visudo -f /etc/sudoers
www-data ALL=(ALL) NOPASSWD: /home/user/name.sh
This will allow www-data to execute the script as the superuser without a password.
In your PHP code change the command in your shell_exec() as follows:
$code = shell_exec('sudo sh /home/user/name.sh');
Make sure your name.sh is set up with proper file modes to protect yourself.

run shell script from php as a specified user

I am trying to run a shell script from a PHP script.
PHP code:
<?php
$sss = escapeshellarg('virtualbox');
// escapeshellarg() already adds the quotes; wrapping $sss in another pair would undo the escaping
$result = shell_exec("/home/hani/Desktop/launchscript.sh $sss 2>&1");
echo "<pre>$result</pre>";
echo "<br />";
echo (shell_exec('whoami'));
?>
My shell script:
#!/bin/bash
sss=$1
echo 'the sudo password' |sudo -S service $1 restart
After I ran the PHP code on a web server (Xampp), I got this output:
[sudo] password for daemon: Sorry, try again.
[sudo] password for daemon:
sudo: 1 incorrect password attempt
daemon
Although, I haven't set any password for the daemon user.
And after I checked the current user running the PHP code I found it is daemon.
After much research here and on the net, I found that daemon can't run sudo commands.
I also found that I can fix this by editing the sudoers file and giving permissions to the daemon user to run sudo commands. However, this is not a secure solution.
So my question is: how to run that script via the PHP code but not as a daemon?
PS: I tried this in order to change the current user running the PHP file:
$result = shell_exec("sudo -u hani /home/hani/Desktop/launchscript.sh $sss 2>&1");
But I got this output in the browser:
sudo: no tty present and no askpass program specified
and the user remains daemon.
I am using Xampp in Ubuntu 16.04.
One more piece of information: I ran this command in the terminal to find the owner of the 'httpd' service:
ps -ef | egrep '(httpd)' | grep -v `whoami` | grep -v root | head -n1 | awk '{print $1}'
The output is: daemon
I think I found a solution (but I'm still not sure about the security issues).
It only requires changing the default user (owner) and group of the httpd service. This can be done by editing the httpd.conf located in /opt/lampp/etc (if you are using Xampp). The default user, as I mentioned in the question, is daemon. However, it does not have permission to run sudo commands, so you only need to replace that user with another one who has permission to run sudo commands (obviously the root user or your default user in Ubuntu).
A better way is to give daemon access to run the one particular script you want.
Edit the sudoers file:
sudo visudo
Add the following line (change the path to the script you want to run):
daemon ALL=(ALL) NOPASSWD: /home/ubuntu/scripts/script.sh
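A sudoers entry that names only a script path lets the caller pass any arguments to it, so the script granted to `daemon` should validate what it receives before acting as root. The wrapper below is an added example, not code from this thread; the install path `/usr/local/sbin/restart-service` and the allow-list contents are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread. Intended to be installed root-owned,
# mode 0755, at a hypothetical path and granted with a single sudoers line:
#   daemon ALL=(root) NOPASSWD: /usr/local/sbin/restart-service
# PHP side: shell_exec('sudo /usr/local/sbin/restart-service ' . escapeshellarg($name) . ' 2>&1');

PATH=/usr/sbin:/usr/bin:/sbin:/bin; export PATH   # do not trust the caller's PATH

ALLOWED_SERVICES="virtualbox apache2"   # assumption: what the web page may restart

is_allowed_service() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9_.@-]*) return 1 ;;   # empty, option-like, or odd characters
    esac
    for allowed in $ALLOWED_SERVICES; do
        [ "$allowed" = "$1" ] && return 0
    done
    return 1
}

# Kept as a separate function so a dry run can replace it without touching the checks.
run_service() {
    /usr/sbin/service "$1" restart
}

restart_service() {
    # Exactly one argument, and it must be on the allow-list.
    if [ "$#" -ne 1 ] || ! is_allowed_service "$1"; then
        echo "refused: not an allow-listed service" >&2
        return 64
    fi
    run_service "$1"
}

if [ "$#" -gt 0 ]; then
    restart_service "$@"
fi
```

No password is stored in the script or in the PHP code, and the web-server account can trigger nothing beyond a restart of the listed services.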

Shell script executed from php, but commands in sh script won't run

I'm making a PHP page with the purpose of creating and activating Apache VirtualHost files.
The page generates the file and places it in /etc/apache2/sites-available/. After that a shell script is called with:
shell_exec("/bin/sh /usr/local/bin/myscript.sh");
myscript.sh:
#!/bin/sh
file=$(ls -1t /etc/apache2/sites-available/ | head -1)
a2ensite "$file" 2>&1 >/dev/null
service apache2 reload 2>&1 >/dev/null
sleep 5
The script seems to be executed (the sleep time corresponds to the amount of time it takes to run and if I don't use 2>&1 >/dev/null I get the output from a2ensite).
But the site is never enabled.
It works fine if I run the script from terminal, so I'm guessing it's some sort of permission issue. I've been playing around with sudoers and file permissions for two days now, but always with the same results.
Been adding stuff like
www-data ALL=NOPASSWD: /usr/local/bin/myscript.sh
and chmod 777 for testing purposes, but nothing.
Is there any definite way to do this?
I'm running Ubuntu 16.04 and PHP7.
I think it's because www-data doesn't have the right to execute the service and a2ensite commands.
Try this :
#!/bin/sh
file=$(ls -1t /etc/apache2/sites-available/ | head -1)
sudo a2ensite "$file" 2>&1 >/dev/null
sudo service apache2 reload 2>&1 >/dev/null
sleep 5
And then, edit the sudo file with sudo visudo and add
www-data ALL=NOPASSWD : /usr/sbin/service, /usr/sbin/a2ensite
I think you need a dot in between:
shell_exec('/bin/sh ' . '/usr/local/bin/myscript.sh');
Also, I am using single quotes... as above.
or you can try:
shell_exec('/usr/local/bin/myscript.sh');
This is solved. The problem was not sudoers or file permissions. The commands were not executed correctly because Apache module mpm-itk was activated. Worked perfectly after I deactivated it.
I didn't need mpm-itk, but if anyone with similar problems needs it activated you could try this:
https://askubuntu.com/questions/491624/setresuid-operation-not-permitted-when-calling-via-php
(Thanks Myran)

How to execute bash script if a button is pressed in php?

I think that it's a permissions problem, because in my script
there are some commands that need root privileges to execute.
I added www-data to sudoers hoping it would solve the problem
and did
exec("echo \"passwd\" | sudo -S ./myscript");
in my PHP, but it didn't work.
Thanks
You could use shell_exec().
shell_exec("echo \"passwd\" | sudo -S ./myscript");
But I'm not sure if it'll work with sudo.
Also I would like to say that adding www-data to sudoers is very dangerous.
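The sudoers lines quoted in the threads on this page differ widely in what they hand to the web-server account: a rule ending in `ALL` is unrestricted root, and a command listed without arguments accepts any arguments. The audit below is an added example, not code from any of the posts; the list of service accounts and the final pinned rule in the sample are assumptions.

```shell
#!/bin/sh
# Added example: report what each sudoers rule lets a web-server account run
# without a password. Reads sudoers-style text on stdin.

SERVICE_USERS="www-data daemon"   # accounts PHP runs as in the threads on this page

audit_sudoers() {
    awk -v users="$SERVICE_USERS" '
    BEGIN { n = split(users, u, " "); for (i = 1; i <= n; i++) svc[u[i]] = 1 }
    /^[ \t]*(#|$)/ { next }                      # comments and blank lines
    {
        who = $1; sub(/^%/, "", who)             # %group rules cover its members
        if (!(who in svc)) next
        spec = $0
        sub(/^[^=]*=[ \t]*/, "", spec)           # strip "user host ="
        sub(/^\([^)]*\)[ \t]*/, "", spec)        # strip "(runas)"
        if (spec !~ /NOPASSWD[ \t]*:/) next      # password rules need a tty or a stored password
        gsub(/[A-Z_]+[ \t]*:[ \t]*/, "", spec)   # strip tags such as NOPASSWD:
        sub(/[ \t]+$/, "", spec)
        m = split(spec, cmd, /[ \t]*,[ \t]*/)
        for (i = 1; i <= m; i++) {
            if (cmd[i] == "ALL")                 level = "HIGH    any command as root"
            else if (cmd[i] !~ /[ \t]/)          level = "MEDIUM  any arguments accepted"
            else if (cmd[i] ~ /[*?]/)            level = "MEDIUM  wildcard in arguments"
            else                                 level = "OK      command and arguments pinned"
            printf "%s\t%s\t%s\n", level, who, cmd[i]
        }
    }'
}

# Constructed input: the rules quoted on this page plus one pinned rule for contrast.
sample_sudoers() {
    cat <<'EOF'
root     ALL=(ALL:ALL) ALL
www-data ALL=(ALL:ALL) NOPASSWD: ALL
www-data ALL=(ALL) NOPASSWD: /home/user/name.sh
daemon ALL=(ALL) NOPASSWD: /home/ubuntu/scripts/script.sh
www-data ALL=NOPASSWD : /usr/sbin/service, /usr/sbin/a2ensite
www-data ALL = (root) /usr/bin/iscsiadm, /bin/mount, /bin/umount
%www-data ALL=NOPASSWD: ALL
www-data ALL=(root) NOPASSWD: /usr/sbin/service apache2 reload
EOF
}

sample_sudoers | audit_sudoers
```

A rule that grants a script is only as strong as the permissions on that script and its directory: if the service account can write to either, the rule is equivalent to `ALL`.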

Error on mount through php "exec"

I'm trying to mount an iSCSI virtual disk, but if I execute the command through the exec function in PHP, it gives me this error: mount: special device /dev/sdf1 does not exist.
But if I run the command directly in the console it runs well!!
What can I do?
I'm obtaining the /dev/sdf1 in a good way, and it exists, but only through PHP it doesn't work.
Thanks
I'm running the command with sudo and I run it in the console as the www-data user, always with sudo, so I suppose that it is the same environment.
sudo mount -t ext3 /dev/sdf1 /san_disks/RIBS_2
The sudoers file has these lines:
www-data ALL = (root) /usr/bin/iscsiadm, /bin/mount, /bin/umount
%www-data ALL=NOPASSWD: ALL
And it works in console.
This was happening because "/dev" wasn't updated. I made a sleep(1) and it works!!
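A fixed sleep(1) works only while the device node happens to appear within one second. The script below is an added example, not code from this thread: it polls for the node until a deadline and only then mounts, using the device and mount point quoted above; the 10-second default is an assumption.

```shell
#!/bin/sh
# Added example, not from the thread: wait for the device node with a deadline
# instead of a fixed sleep, then mount.

wait_for_node() {
    # $1 path, $2 timeout in seconds (default 10), $3 test operator (default -b, block device)
    node=$1; remaining=${2:-10}; op=${3:--b}
    while ! test "$op" "$node"; do
        [ "$remaining" -gt 0 ] || return 1     # deadline reached, node still missing
        sleep 1
        remaining=$((remaining - 1))
    done
    return 0
}

mount_when_ready() {
    # $1 device, $2 mount point
    if ! wait_for_node "$1" 10; then
        echo "timeout: $1 did not appear" >&2
        return 1
    fi
    sudo /bin/mount -t ext3 "$1" "$2"
}

# Example call with the values from the question:
#   mount_when_ready /dev/sdf1 /san_disks/RIBS_2
```

A timeout is reported as an error rather than retried silently, so the PHP caller can tell "device never showed up" apart from a mount failure.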
