I'm trying to restart my Apache2.2 webserver using a bat file that is being called by a PHP running in IIS using exec(), Apache and IIS is in the same server.
PHP code
exec("cmd /c restart.bat");
bat file
"PATH_TO_APACHE\bin\httpd.exe" -k restart -n Apache2.2
When I load my php via http to restart, I get an "Unable to open logs" error in my Apache error log file.
Majority of my search results say that there is a port 80 conflict however when I do a netstat there is none, my IIS is listening to a different port. Double-clicking the .bat file works, but running it from the PHP gets the error. Any ideas? Please advise.
IIS runs all executable scripts under the context of a specified user, usually this is the IUSR_[MACHINENAME] account.
This account can be changed in the IIS configuration in the pool configuration.
The problem you're running into is probably that this user is not allowed to access the log file location.
To track this problem down I would:
1. (dangerous, use only for testing): put the IUSR account in the local administrators group. test again. if it works, you know it is a permission problem.
2. Try using the runas command to run cmd.exe as the IUSR user and execute your command in the console window, that way you see all error messages and test more easily.
3. allow IUSR to write to the apache log location.
A whole different attempt would be to create a marker file in PHP, and use a scheduled task run as Administrator to restart apache if that marker file exists. That way you do not need to give the IUSR account more permissions and have a separate code handling the restart.
Related
I'm using Apache and PHP. Webroot directory is /home/name/public_html
I want to include a file from /home/name/abc.php
include_one "/home/name/abc.php";
I got failed to open stream: Permission denied warning.
If i move the same file inside the webroot /home/name/public_html/abc.php
There is no error.
Apache User and Group has the permission to access the file /home/name/abc.php
I have another server with the similar configuration, it is working. Just want to know the possible reason.
I tried to run the PHP script directly in linux console, there is no permission issue. I guess the problem is in Apache configuration.
You should verify that php is really executed as the apache user. Depending on your configuration it might be possible that php is running under a different user, e.g. if your Apache is set up to use php-fpm.
If the server is a linux system, putting this
<?php
echo "<pre>";
var_dump(posix_getpwuid());
into a file and accessing via the web browser should show you the user informations.
I found the way to solve this issue from here. I have SELinux running on my Centos 7 Virtual Server.
I need to grant httpd permission to read from /home dir using:
sudo setsebool httpd_read_user_content=1
I have been searching for an answer to this for a couple of hours with no clear answer.
I normally write .php scripts which do helpful administrative tasks on my website. I upload them to an ftp folder, and run them from my browser when I need them.
Unlike what I a used to, I am trying to run a script (someone else wrote it) to and have been told that I cannot do so from the browser and I need to do it from the command line. Basically everything is set up, but I cannot push to go button and run the script.
Any ideas? I have php installed on my local computer and can run scripts locally from browser and command line, but I do not know how to do the same for the scripts on my website.
I don't know if this helps, but my server is apache and runs off php version 5.3.3
Download Putty, from http://www.putty.org/
Run it
In "host" write your domain, and click on Open
When the black window open, it will ask you for your credentials:
Write your ssh credentials, if you have. If you dont, try with the ftp user and password.
If it doesn't work...get into your host control panel, and find out how to create an SFTP, or SSH user. If you can't find anything, contact support asking how to create that kind of user. When you have it
After you login, your are inside your server, and you can move around, as you would in linux. If you dont know the basics, find a good tutorial. Or just relay in:
ls : list the files and directories
pwd : know in what directory you are
cd DIRNAME : change to other directory inside de current one
cd .. : change to the parent directory
When you are in the directory where your script lives, just execute:
php yourscrip.php
if its a php script
php path_to_script.php
else
/path/to/script
If its the second option you will need to chmod +x /path/to/script first
These should all be run from a ssh session (or any other way of accessing a command line on the machine running the website)
to ssh to a sever use putty if on windows. Your host will be able to give extra details on how to access
I was experimenting with shell_exec and commands, and I can't seem to get this work. Im using the php shell_exec() function and running a screen capture command to take a snapshot of the desktop. When running the script locally through coda, it works fine. Then i ran it through my installion of apache through htdocs, and it runs, yet it doesn't save the image anywhere? For browsers, do i need to change the directory at all? this is what my super simple script looks like. Is this even possible?
<?
$command = "screencapture -iWP ~/Random/test.png";
shell_exec($command);
?>
I don't currently have access to a Mac to test, but I'd be extremely surprised and more than a little concerned if that did work.
On the server, apache should be running under a different user ID to the logged in user, which means the attempt to grab the framebuffer should fail.
If it did at least write (or try to write) an image, then it will be ~/Random/test.png; e.g. if apache runs as a user called apache, the target filename is ~apache/Random/test.png
OSX is basically UNIX, and a key feature of UNIX-like operating systems is security. The video framebuffer should only be accessible to processes running under the UID of the logged in user (or root). Daemon processes like apache httpd should be running under their own, non-root UID.
You probably have to specify the full path of the executable. Also, specifying the full path of the output PNG would help too because they're different users.
Run the command
which screencapture
To find the path that the executable is located in. The output file must be in a writable directory for the user that apache is running under (usually apache). You can check the user that apache is running under by looking in the apache configuration, or just running "top" (as root).
Hope that helps.
I'm setting up a new server and of course I didn't document every change I did to the last one but I'm getting there.
I have a weird issue, I'm trying to do a simple call in php:
exec('service httpd reload');
And it's not doing anything. I can execute other commands such as tar, I did check php.ini for disabled_functions and it's empty. The username php is using for creating files/folders is "apache" as well.
Does anyone know any other areas I can check? This is a fresh install of php 5.2.x so I'm sure there is a security setting in apache or something blocking this.
Well your apache is most probably running under a normal user account (www-data or apache - it depends on your distribution), but to restart apache (or any other service) you have to be root.
You could use sudo to elevate your privileges.
You can't restart Apache as a normal user, but you should never leave your root password written in a file. If you really have to run that command from php, there's an alternative method.
You can allow certain commands to be run as root by a certain user without specifying a password. To do this you must edit the /etc/sudoers file with visudo and add the tag NOPASSWD to the command you want to run. Here is the example from the man page:
ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
This would allow the user ray to run /bin/kill, /bin/ls, and /usr/bin/lprm as root on the machine rushmore without authenticating himself.
how can I make sure that Apache/web server user is allowed to execute shell commands? I would like to execute a shell command in PHP script but it doesn't work for some reason (it works when written manually in shell by hand, of course, so the command is surely correct).
I believe the problem is that the user PHP is running under cannot execute shell commands. How can I check that and change the user's rights to use shell?
I'm using Windows 7, Apache 2.2, PHP 5.2.x.
Perhaps this can help:
How to Grant Permissions in Windows 7
Locate the file or folder on which you want to take ownership in windows
explorer
Right click on file or folder and select “Properties” from Context Menu
Click on Edit button in Properties windows Click ok to confirm UAC
elevation request.
Select user/group from permission windows or click add to add other user
or group.
Now under Permission section check the rights which you want to grant i.e
check
I believe your question would be a little more appropriate on this site: https://serverfault.com/
Does the file have execute permissions for the apache user? If only that was Linux, I could be of more help than that...
Your server error logs should have some information on why the shell command failed (permissions, PHP settings etc.). That should give you an indication on how to activate it.
See this comment: http://de3.php.net/manual/en/function.exec.php#97187