I am stuck with a problem in php for the last 3 days. couldn't find a solution yet.
I have a Cent OS remote machine and an Ubuntu local machine. I have a php script named test.php in my local machine so that I want to run some Linux commands in the remote machine using that php script. I used phpseclib for connecting to remote machine. The following is the php script test.php.
<?php
include('Net/SSH2.php');
define('NET_SSH2_LOGGING', NET_SSH2_LOG_COMPLEX);
$ssh = new Net_SSH2('10.3.2.0');
if (!$ssh->login('makesubdomain','abcdabcd')) {
exit('Login Failed');
}
echo $ssh->exec('/usr/local/listdomain.backup/test/makedir.sh');
?>
I can't use root user here since root login has been disabled in remote cent os machine.
So I created this makesubdomain user and gave sudo privileges, that too without password by adding makesubdomain ALL=(ALL) NOPASSWD: ALL in /etc/sudoers file.The below one is the shell script which resides in 10.3.2.0
sudo -H sh -c '
mkdir /usr/local/testdir
if [ $? -eq 0 ];then
echo "success";
else
echo "not success";
fi
'
But now when I run the php script from terminal using command php test.php it showing error sudo: sorry, you must have a tty to run sudo. Ultimately, What shall I need to do with test.php and makedir.sh for creating a directory testdir as specified in .sh file using the given php script with user makesubdomain. Please advice as I am a very beginner in php.
(Note : I can run the makedir.sh file successfully in the remote machine, with the command sudo ./makedir as user makesubdomain, that too without prompting sudo password)
EDIT
I had commented Defaults requiretty in /etc/sudoers as given in http://www.unix.com/shell-programming-scripting/201211-sudo-sorry-you-must-have-tty-run-sudo.html, and it is working fine. Can i have any other option without doing this ?
Try calling $ssh->enablePTY() before doing $ssh->exec().
Related
I'm running
nginx 1.17.4
php 7.4
arch linux 5.4.2
Trying to execute the following command to get my user MAC address from IP (this script will run on my lan server) and $_SERVER['REMOTE_ADDR'] does return a valid ip
shell_exec("sudo /usr/bin/nmap -n -sn ".$_SERVER['REMOTE_ADDR'])
But it returns null so I tried the following to get a more info
shell_exec("sudo /usr/bin/nmap -n -sn ".$_SERVER['REMOTE_ADDR'] ." 2>&1")
And got the following: sudo: effective uid is not 0, is sudo installed setuid root?
I don't understand why I get this error because I have added the following in my sudder file
http ALL=NOPASSWD: /usr/bin/nmap
I've modified my passwd to allow login from HTTP to try it in shell and it works but not when I run it in the browser.
Help please!
Thanks
since my server is arch linux I decide to go ask in that arch forum and found was able to fix my issue. so for anybody interested please view
https://bbs.archlinux.org/viewtopic.php?pid=1877560#p1877560
Basically for me it was changing the php-fpm service file to the following
/etc/systemd/system/multi-user.target.wants/php-fpm.service
Set NoNewPrivileges=false
comment CapabilityBoundingSet
I am trying to ssh to a remote server to check to see if a specific file exists.
I am able to ssh in the command line but whenever I try to with my script it does not return anything / I have to type "exit" and hit enter to get back to the command line.
Steps:
ssh root#website.com
cd ..
ls ATMEXTRACT
I put all of these commands into ouputs so they look like this:
$output = shell_exec("ssh root#website.com");
$ouput1 = shell_exec("cd ..");
$ouput2 = shell_exec("ls *ATMEXTRACT*");
echo($output2);
I am confused as to why this works directly in the command line but is failing in the script. Any help is much appreciated
Here's what you do interactively:
Run ssh root#website.com in the current shell
Input cd .. in ssh
Input ls *ATMEXTRACT* in ssh
Input exit in ssh, which now exits
Find yourself back in your original shell
Here's what you do in your script:
Run ssh root#website.com in a new shell and exit it
Run cd .. in a second shell and exit it
Run ls *ATMEXTRACT* in a third shell and exit it
You could try to open and interact with an ssh command, but you can also just save yourself the trouble and use ssh's command line feature for specifying the commands to run:
$output = shell_exec("ssh root#website.com 'cd .. && ls *ATMEXTRACT*'");
Be aware that this is likely to fail from a PHP website script because you need to set up an authentication mechanism. This true even if ssh root#website.com connects without a password when you manually log in to the web server and try it.
I would recommend you to use ssh2 module of PHP. This will help you to connect any remote server which is reachable through appropriate SSH PORT.
You will need to check, if few modules like OpenSSL and ssh2 are installed on your host server.
if not please check this https://ehikioya.com/install-ssh2-php/ and install above modules.
once these modules are installed and enabled.
follow this code.
$server="website.com";
$server_pwd="Password";
//creating connection using server credentials
$connection = ssh2_connect($server, 22);
//authenticating username and password
if(ssh2_auth_password($connection, 'root', $server_pwd)){
echo "connected"
}else{
echo "could not connect to server";
}
ssh2_exec($connection, "ls /FULL_PATH/ATMEXTRACT"); //run your command here
Been wrestling with this one for a little bit. I'm currently working on a PHP application that connects to a custom API as well as performs changes to a server via Phpseclib's SSH2 library.
$ssh = new Net_SSH2($server_name);
if(!$ssh->login("username", "password")) {
$result['result'] = 'ERROR';
$result['message'] = 'Login failed';
} else {
$result['propertyFolderDeleted'] = $ssh->exec("cd /var/www/sites; echo 'password' | sudo -S /usr/local/bin/delete_property.sh -sc $company_name -sp $property_name");
return '{"data":'.json_encode($result).'}';
}
Output generated:
{"data":{"propertyFolderDeleted":"[sudo] password for portals: "}}
Pretty straight-forward, my application uses SSH2 to exec some Bash scripts I have in place on my server. For the most part this works flawlessly, but for some reason, exec-uting this one Bash script ('delete_property.sh') outputs the sudo password prompt as a result.
I've tweaked my request and executing my Bash script via command-line (in Putty) no longer outputs the prompt text upon completion of the Bash script.
Why isn't this the case when using Phpseclib?
Just add the user to the sudorious file.
Open the terminal.
Type "sudo visudo"
Add at the end of the file "youruser ALL=(ALL) NOPASSWD:ALL" and just replace "youruser" with your real user.
Save and exit.
Now every one command with your user which is using sudo will be executed without asking the password.
I an Ubuntu 16.04 machine running NGINX and PHP. I would like to enable the www-data user (via web browser) to be able to access a PHP page (php-test.php) that will execute either a bash script (script_test.sh) or execute Linux CLI commands using shell_exec or exec.
I have done the following.
Created my bash script file script_test.sh
#!/bin/bash
whoami
echo $USER
echo 'test'
exit
when I run this from CLI, using
./ script_test.sh
It does indeed work and I can see the info echoed out in the CLI.
I then pursued the goal of being able to allow the www-data user run this bash script through a PHP page running on this same machine from NGINX.
I created my php page (php_test.php) and it contains the following
<?php
chdir('/path/to/my/files/');
shell_exec('./script_test.sh'); // ATTEMPT RUN SCRIPT
shell_exec('/path/to/my/files/script_test.sh'); // ATTEMPT RUN SCRIPT
echo 'test 123'; // SIMPLE ECHO IN THE PHP PAGE
?>
I then ran the following to modify the sudoers file, giving www-data access to the bash script
sudo nano /etc/sudoers
to which I added the following line
www-data ALL=NOPASSWD: /path/to/my/files/script_test.sh
I then made sure the script was executable, for the sake of my testing, not worrying about security, I just set it to 777 with the following command
sudo chmod 777 script_test.sh
From there I opened a web browser and browsed to the localhost (NGINX) web server (php_test.php) and the only thing I see on the page is the 'test 123' that I echo from PHP... none of the bash script appears to have run at all. I tailed the NGINX error log and don't see any error at all.
Is there another log that could contain clues on this?
What else should I check here?
The result of shell_exec() is returned as string. To display it in your browser, simply add echo.
<?php
chdir('/path/to/my/files/');
echo shell_exec('./script_test.sh'); // ATTEMPT RUN SCRIPT
echo shell_exec('/path/to/my/files/script_test.sh'); // ATTEMPT RUN SCRIPT
echo 'test 123'; // SIMPLE ECHO IN THE PHP PAGE
?>
See the Return Values in the manual:
The output from the executed command or NULL if an error occurred or
the command produces no output.
Can you try to use passthru instead of shell_exec, and see the output anything?
Also try this, and see if it shows on the log file:
if(file_exists('/path/to/my/files/script_test.sh')) { die('File not found!'); }
shell_exec("nohup /path/to/my/files/script_test.sh > /path/to/my/files/output.log &");
Also, are you running PHP with the www-data user (check your fpm pool)?
Do you have any error on /var/log/syslog or /var/log/auth.log ?
Have you restarted the server after changing the sudo permissions?
What does su - www-data -c "whoami" and su - www-data -s /bin/bash -c "whoami" outputs?
Does su - www-data -s /bin/bash -c "/path/to/my/files/script_test.sh" output something?
I'm new in using Linux, I'm trying to write a PHP code which can run .exe linux compatible file, I've made a short shell script
hello bash script:
#!/bin/bash
./program.exe file.mp4 // file.mp4 is an an input for .exe
echo "Hello World!"
shell.php:
<?php
$output = exec ("./hello ");
echo "<pre>$output</pre>";
?>
Now when I run shell.php using web browser it shows Hello World! but the .exe doesn't run, however when I run php using terminal command php shell.php, It works fine.
I think I'm having problems with permissions but I'm new with Linux and I don't know how to solve this.
Update:
I ignored the shell script and I used
<?php
$output = shell_exec ("cd /var/www/ && ./program.exe file.mp4 2>& " );
?>
also I granted access to program.exe
chmod 777 program.exe
the error I receive in the browser :could not open debug.bin!
use the absolute path to hello executable exec("sh path/to/the/file")
I'm using something similar to call an app compiled with mono on a remote ubuntu webserver and return it's output to the calling script.
For any of this to work properly wine needs to be already installed.
On Ubuntu systems try:
sudo apt-get -y install wine
You then need to know the owner of the web server process. If you are running the apache web server try the following:
cat /etc/apache2/envvars | grep "RUN"
The output will look something like this:
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
Now that you have the name of the process owner, which in this case is www-data you should ensure the file is owned the user and its group:
sudo chown www-data /var/www/program.exe
sudo chgrp www-data /var/www/program.exe
Finally, we can invoke the application from inside our PHP script by passsing it as a parameter to 'wine' and using its full file path.
<?php
$output = shell_exec("wine /var/www/program.exe file.mp4" );
?>
Any output from the above shell command sent to the command line will be saved in the PHP script variable $output.
It looks like you are trying to do some output redirection with your use of program.exe file.mp4 2>& so I've left that off of the example for clairity.
Try using the absolute path, such as exec("sh /path/to/file")
Generally, php is run as www or apache, so make sure that the execute access permission is granted to all user.