I'm trying to run a shell command text2wave in PHP on a nginx server.
The problem is the command just exits silently without working as it should. It's also not displaying any errors.
Here's the code:
<?php
$result = `/usr/bin/text2wave --help`;
var_dump($result);
If I run the script via php command in shell ( as a normal user) it works as expected.
However, If I run it via a http request through nginx the var_dump returns NULL
( there are also not logs in error log files)
Thanks for your help!
try:
<?php
function sys_cmd($cmd)
{
$hd = popen($cmd,"r") or die('function disabled');
while (!feof($hd))
{
$rs .= fread($hd,1024);
}
pclose($hd);
return $rs;
}
echo sys_cmd('ls -l');
?>
My guess would be that you've got shell execution disabled in the php.ini configuration file used by your web server.
Try opening /etc/php5/fpm/php.ini file, finding the disable_functions directive, and making sure that none of the following functions are present in the value of the directive: shell_exec,exec,passthru,system
To anybody haing the same problem... I've managed to find out what the problem was. Well.. kind of.
I've switched to apache and it started working right away. So the solution is not to use nginx
I guess it had something to do with the way nginx ran php when doing exec commands...
Although it was a hard decision, I found no other solution but to change to apache... works well now
Related
I have a php script as shown below:
<?php
$output = shell_exec(/var/www/html/scripts/script.sh hello);
echo "<pre>$output</pre>";
?>
and when the output variable uses exec or shell_exec then I get HTTP error 500 but when I change it for something else such as getcwd() it works fine. Exec and shell_exec are not disabled in php.ini and the script has all relevant permissions so I have no idea what is going on.
Any help is much appreciated.
After hours and hours of research I finally found the answer. I'm using CentOS 7 so there was an instance of SELinux running so I tried to set it to permissive and then it allowed me to save the file to any directory that I gave write permissions to. Following that I used the allowed2audit command to give permissions for httpd to read write and execute files and it now works on enforcing mode.
Thanks to everyone who contributed to help me figure it out :)
I'm trying to use a php script for executing a shell script. However I'm having some issues apparently with the web server.
I have a bash script called switch_audio.sh. It basically changes the active audio output of the system.
I also have a script.php that runs the code below:
<?php
echo "It's working";
exec("/var/www/html/switch_audio.sh");
?>
When I execute php script.php it's working fine. However, when I try to run it on the web browser by localhost/script.php I just get as ouput the "echo" part.
I've already tried to:
remove 'exec()' from the disable functions in php.ini;
give permissions for everybody in every folder on this path from "/" to the localhost folder;
Any thoughts about it?
Simple solution: exec() returns a string, but you also have to output it to the user:
<?php
echo "It's working";
echo exec("/var/www/html/switch_audio.sh");
?>
You already said you allowed the shell function on your php.ini configuration but it seems it's not working yet... so maybe:
You didn't restarted webserver service after changes
You have somewhere other statement more restrictive... maybe ini_set in your php files.
As a reminder, be sure that you are doing well on your php.ini file, check it for this kind of statement:
disable_functions=exec,passthru,shell_exec
Maybe you can try instead of exec other similar php function like shell_exec to check if it works. Or maybe is working and not showing anything.
I have a problem trying to run passthru function in my php code (Joomla module). the code is following (this is only a snippet)
ob_start();
passthru("/usr/bin/whois 85.70.231.130 | /usr/bin/grep 'address:'",$code);
$whoisData = ob_get_contents();
ob_end_clean();
$whoisData = str_replace("address:", "", $whoisData);
$whoisArray = split("\n",$whoisData);
echo trim($whoisArray[1]);
when I run this on my localhost, it echoes what it should, but when I run this code on the production server, it echoes nothing and the $code variable contains 127 (command not found). I tryied add absolute paths to these commands into the passthru function, but it didn't helped. Interesting is, that when I run the code right from terminal via ssh and php command, it runs well, but when it's called from application context it doesn't. Does anybody know what I should to do?thanks
SOME EDITS..
safe_mode is on
webserver does not see into /usr/bin and /bin/ folders so what is the best way how to run these commands from php?
usr/bin/grep doesn't look like a valid path to a command.
The missing / at the beginning of the path to the second command might explain the command not found error... even if the first whois command is found.
Have you looked to see if your webserver / php is running chrooted?
print_r(glob('/*'));
if (file_exists('/usr/bin/grep') && file_exists('/usr/bin/whois')) {
print "maybe its a permissions thing?\n";
} else {
print "can't see executables required\n";
}
should give you a clue.
So I have already solved my problem with phpwhois library. I seems like with my server configuration is it unlikely that these functions will be working well. So thanks for your help:)
I'm running wampserver and php5. exec() works when I run the script through the command-line, but when I try to run it through the server, it fails.
I looked at all the error logs, there were none. I redirected stderr to stdout, there was still no output when I run it from the server.
Any suggestions ?
EDIT: I should have mentioned -- I'm running on WinXP and safe_mode is off.
Perhaps you need to turn off safe_mode in php.ini (safe_mode = Off)
Can you post what exactly (code) you try to run?
Did you try this instead?
$return = system('dir');
Do you have a problem with the directories on the server maybe?
Just had the same problem. I don't whether this is a different case than yours or not.
I was trying to create new file(image) in a directory. Apparently the problem was on the folder permission. I used Linux Ubuntu.
I am using this php code:
exec("unrar e file.rar",$ret,$code);
and getting an error code of illegal command ie 127 ... but when I am using this command through ssh its working ... because unrar is installed on the server ... so can anyone guess why exec is not doing the right stuff?
Try using the direct path of the application (/usr/bin/unrar of whatever), it sounds like php can't find the application.
If you have chrooted apache and php, you will also want to put /bin/sh into the chrooted environment. Otherwise, the exec() or passthru() will not function properly, and will produce error code 127, file not found.
Since this comes up as a top answer in google, I wanted to share my fix:
The simple fix I had was to disable safe_mode in the php.ini file
; Safe Mode
; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.safe-mode
safe_mode = Off
thanx all for your response!!
I tried this
//somedir is inside the directory where php file is
chdir("somedir");
exec("/home/username/bin/unrar e /home/path/to/dir/file.rar");
and now it returned no exit code ... oher commands are doing file .. i tried mkdir etc .. :s
Just in case somebody else still gets this problem, take a look at the post here:
http://gallery.menalto.com/node/2639#comment-8638
Quote:
I found the problem. The problem was my security-paranoid OpenBSD. When upgrading from 3.1 to 3.2 they added:
Apache runs chroot'd by default. To disable this, see the new -u option.
The chroot prevented Apache from accessing anything outside of a directory, so I moved everything into the apache directory including netpbm. Everything was accessible and executable, but I guess it was still in some sort of "safe mode" because the exec() always returned 127.
Anyway, running httpd with the -u option went back to the less secure non chroot'd apache startup, which allowed the exec() to work again.
ohkiee guyz thanx ... and yes there might be some errors with $PATH ... but with given full path its working :)
exec("/home/user/bin/unrar e /home/user/xxx/yyy/file.rar");
I did not find the solution for my problem of the same type so sharing what was the cause of it in my Linux setup.
For whatever reason I needed an apache module loaded before other modules and so apache was started with LD_PRELOAD. As exec inherits the environment of the parent process LD_PRELOAD was used for starting the exec-ed program (through sh). Now the preloaded module uses some bindings to apache functions and of course they are not to be present in sh. The result of the php exec was an exit status of 127. The solution was to have in my php file a putenv("LD_PRELOAD") that gets executed before any exec calls.