I am having trouble getting a file to execute without typing sudo before it. I think the problem is the libraries I used require you to be a superuser.
I am working on a program for the Raspberry Pi and so far everything has worked great. The program takes a command line argument and outputs it to a separate 2x16 LCD. So if I type the following command as root or place sudo in front of it the program functions as intended:./serialTest Hello World.
What I am working on now is getting the value of a text box on a PHP webpage and submitting it to the program as a command line argument using the exec() function in PHP The problem is that I am unable to execute it because unless I am root I have tried exec("sudo ./serialTest" . $textBox); but it still tells me Permission Denied
After further reading into the libraries I am using I cam across instructions on how to execute the serialOpen function without using sudo or being root I have added the user pi and www-data to the dialout group I have verified this with id pi id www-data. The program still says Permission denied. Is there something I could look at further or am I doing something wrong? I have included the excerpt from the page that states how to run it without using sudo or being root
You can use it without sudo if you add yourself into the dialout group. either edit /etc/group, or use the usermod command. (and logout/login again)
-Gordon
It depends on the server rights provided by Server Service Provider. If you are the Service Prover then edit the Shell Access Rights to executed Exec command in PHP configuration file. As default, exec is not provided in default that's why the message is coming
If you are not service provider then contact them to do things..
Related
I'm trying to make run a SMS sending python script from PHP.
SendSMS.py:
#!/usr/bin/env python
import gammu
sm=gammu.StateMachine()
sm.ReadConfig()
sm.Init()
message={
'SMSC':{'Location':1},
'Text':'blah blah bllah',
'Number':'xxxxxxxxx
}
sm.SendSMS(message)
when i run it from the terminal with "sudo" it doesnt work.But works fine without "sudo"
the error:
gammu.ERR_DEVICENOTEXIST: {'Text': u"Error opening device, it doesn't
exist.", 'Code': 4, 'Where': 'Init'}
I want to run the SMS script from a php script using shell_exec(). The problems are:
I cant run the SMS script with sudo
I cant run it through php without sudo
Please tell me how to fix this
Device-Raspberry pi 3
OS- Raspbian
Most likely it doesn't find the configuration file, by default it's searched in user home directory which is different when executed through sudo.
You can specify path to configuration file on command line however it's better to not execute gammu as root and configure the device to be accessible by user.
I am trying to do simple web service in PHP (I use Laravel) to restart and shutdown my raspberry pi.
I tried in my PHP service call something like this:
exec("putty -ssh pi#192.168.0.12 -pw myPassword -m D:\workspace\CPS\public\ssh\restart.txt");
In my restart.txt I have simple command sudo shutdown -r now
but when I call my web service in Advanced Rest Client Application (Chrome addon), my request is processing and never ending. In command line this works properly.
I thought that the problem is with running PuTTy directly in PHP and I do some changes and create .bat file with the following content:
echo off
putty -ssh pi#%1 -pw %2 -m %3
I start this batch script like this:
exec("D:\workspace\CPS\public\ssh\restart.bat 192.168.0.12 myPassword D:\workspace\CPS\public\ssh\restart.txt");
...but result is the same. I changed my web service to GET method and call service in the browser like page but nothing change.
I haven't any error/exception in log files and in console. I also checked the system log but nothing found.
Am I doing something wrong or missed something? It is possible or there is a better way to achieve this?
Currently I run it on Windows 7 and XAMPP. I will do second version for Linux in future and decide in code which command should I run depends on current environment.
Update
I forgot to wrote, all required users have permissions to execute files in my (...)/ssh directory
Try to use:
echo system("D:\workspace\CPS\public\ssh\restart.bat 192.168.0.12 myPassword D:\workspace\CPS\public\ssh\restart.txt");
to get output. May be you find something error.
And you need to check safe_mode options in your php.ini file (like disable_functions and safe_mode_exec_dir).
And try to use FULL path to your putty.exe file. Webserver work's in another directory, than your bat file.
I am having difficulty with the PHP exec() function. It seems to not be calling certain functions. For instance, the code echo exec('ls'); produces no output whatsoever (it should, there are files in the directory). That main reason this is a problem for me is that I'm trying execute a .jar from a PHP exec() call.
As far as I know I'm calling the java program properly, but I'm not getting any of the output. The .jar can be executed from the command line on the server. (For the record, it's an apache server).
My php for the .jar execute looks like this:
$output = array();
exec('java -jar testJava.jar', $output);
print_r($output);
All I get for output from this exec() call is Array().
I have had success with exec() executing 'whoami' and 'pwd'. I can't figure out why some functions are working and some aren't. I'm not the most experienced person with PHP either, so I'm not too sure how to diagnose the issue. Any and all help would be appreciated.
The reason why you are not able to execute ls is because of permissions.
If you are running the web server as user A , then you can only ls only those directories which have permissions for user A.
You can either change the permission of the directory or you can change the user under which the server is running by changing the httpd.conf file(i am assuming that you are using apache).
If you are changing the permissions of the directory, then make sure that you change permissions of parent directories also.
To change the web server user, follow following steps:
Open the following file:
vi /etc/httpd/conf/httpd.conf
Search for
User apache
Group apache
Change the user and group name. After changing the user and group, restart the server using following command.
/sbin/service httpd restart
Then you will be able to execute all commands which can be run by that user.
EDIT:
The 'User' should be a non-root user in httpd.conf. Apache by default doesnot serve pages when run as root. You have to set user as a non-root user or else you will get error.
If you want to force apache to run as root, then you have to set a environment variable as below:
env CFLAGS=-DBIG_SECURITY_HOLE
Then you have to rebuild apache before you can run it as root.
I have found the issue - SELinux was blocking PHP from accessing certain functions. Putting SELinux into permissive mode has fixed the issues (although, I'd rather not have to leave SELinux in permissive mode; I'd rather find a way of allowing certain functions if I can).
I have a solution:
command runs from console, but not from php via exec/system/passthru.
The issue is the path to command. It works with the absolute path to command
So that:
wkhtmltopdf "htm1Eufn7.htm" "pdfIZrNcb.pdf"
becomes:
/usr/local/bin/wkhtmltopdf "htm1Eufn7.htm" "pdfIZrNcb.pdf"
And now, it's works from php via exec
Where command binary you can see via whereis wkhtmltopdf
Tore my hair out trying to work out why PHP exec works from command line but not from Apache. At the end, I found the following permissions:
***getsebool -a | grep httpd*** ---->
**httpd_setrlimit --> off
httpd_ssi_exec --> off
httpd_sys_script_anon_write --> off**
USE: setsebool -P httpd_ssi_exec 1
SEE: https://linux.die.net/man/8/httpd_selinux
Your problem is not an execution issue but the syntax of the exec command. The second argument is always returned as an array and contains a single line of the output in each index. The return value of the exec function will contain the final line of the commands output. To show the output you can use:
foreach($output as $line) echo "$line\n";
See http://php.net/manual/en/function.exec.php for details. You can also get the command's exit value with a third argument.
i am using arch linux. i want to execute the php file which changes the ip of the system. i did
ifconfig eth0 192.168.163.137
in the terminal and it works fine. the same i tried doing with
shell_exec('ifconfig eth0 192.168.163.137');
in a php file and tried opening the page from a remotely located web browser from another pc connected via router. teh page displays nothing and the code also doesnt execute. i guess its the problem with the user executing it.apache is executing it. so i want it to be run by the root.can anyone please guide me to the execution of my code. i even installed sudo and just put
shell_exec('sudo ifconfig......');
it too doesnt execute...please help...thanku..:)
Sudo normally requires an interactive shell to enter your password. That's obviously not going to happen in a PHP script. If you're sure you know what you're doing and you've got your security issues covered, try allowing the Apache user to run sudo without a password, but only for certain commands.
For example, adding the following line in your sudoers file will allow Apache to run sudo without a password, only for the ifconfig command.
apache ALL=NOPASSWD: /sbin/ifconfig
Adjust the path and add any arguments to suit your needs.
Caution:
There might still be complications due to the way PHP calls shell commands.
Remember that it's very risky to allow the web server to run commands as root!
Probably a better alternative:
Write a shell script with the suid bit to make it run as root no matter who calls it.
shell_exec
This function is disabled when PHP is running in safe mode.
Documentation : http://php.net/manual/en/function.shell-exec.php
So, maybe try tweaking your php.ini file?
Write the commands to a queue and have cron pick them up, validate them (only allow known good requests), and run them, then mark that queue complete with the date and result.
Your end-user can then click/wait for update using ajax.
I am using opencv for initiating the camera on my arch linux. Its getting initiated and works well when I actually do it from the command line on the server itself.
I want to initialize it using php. I tried doing it using shell_exec from PHP.
My PHP file looks like:
<?php
$output=shell_exec('LD_LIBRARY_PATH=usr/local/lib ./a.out 0 2>&1 1>/dev/null');
echo $output;
?>
It gives this output:
ERROR: capture is NULL
I am running this through my windows web browser as a client and the opencv and the related files are on the server that is my arch linux.
I want to start the camera and capture images when I run this php file from the windows web browser, but when executed it throws the error as mentioned.
While this may work when you are SSHed into your server. The webserver user is most likely different than the user you login as. Popular user ids/groups that webservers run as on Linux machines are http, www-data, nobody, and others.
From this point you have two options.
You can make sure the script you are trying to run from PHP (and all of it's children, if any) is able to be run by the webserver user.
You can modify your /etc/sudoers file which gives the webserver user access to elevate permissions for that script only. (NOTE: This potentially opens up security holes so be careful).
To find out what user your webserver runs as execute this: ps aux
Take a look at the output and the first column in the output lists the user that that process is running at. Here's an excerpt of my webserver (nginx) on one of my boxes:
www-data 26852 0.0 0.0 29768 3840 ? S Jun04 0:50 nginx: worker process
You can see that nginx runs with the user www-data here. You can also execute the command with grep to help you find the process quicker. Grep will only show you those lines which match what you send to it. Here's an example: ps aux | grep nginx
Ok now that you know what user the webserver is running as, let's try giving that user access to the script. Let's say your script is foo and is located in /usr/local/bin. You would do the following commands:
chown www-data /usr/local/bin/foo
After changing ownership on the file try to rerun your command again from your PHP page and see if it works.
For completeness I also said you could give your webserver user sudo privileges to that file. To do that you would need to append the following line to the bottom of your /etc/sudoers file:
www-data ALL= NOPASSWD: /usr/local/bin/foo
Then your shell_exec command could switch to this:
shell_exec('sudo /usr/local/bin/foo');
Please keep in mind that doing this would allow your webserver user to run the script as root which is incredibly dangerous in a variety of situations. However, the camera may require elevated permissions to work. I'm not sure what the permissions requirements are on the camera setup you are trying to invoke.
Good luck. Hope this helps!