Using PHP I would like to be able to list root's crontab.
I am able to run the following command as the Apache user from the command line and get the desired result:
sudo crontab -l
however, in my PHP I have the following command which does not work and returns an empty set:
exec('sudo crontab -l', $out);
print_r($out);
Is it environmental? Or permissions?
I have also tried shell_exec() system() and passthru()
Also, note that I have disabled SELinux and added Apache to the sudoers file so that it does not need to be prompted for a password.
Solved: Even though I had set error reporting on, you must redirect the output of the command like so:
exec('sudo crontab -l 2>&1', $out);
var_dump($out);
After setting this, I found the following error:
sudo: sorry, you must have a tty to run sudo
Following research of the issue, the resolution is to edit the sudoers file and comment out: #Default requiretty.
http://www.zimbra.com/forums/installation/10553-solved-sudo-sorry-you-must-have-tty-run-sudo.html
I apologize as I got further into this issue, it became less of a PHP issue and more of unix system question.
Related
I get this error when running a program from www-data.
Error
sudo: no tty present and no askpass program specified
But I have added the following to sudo visudo
www-data ALL = NOPASSWD: /var/bin/poppler-0.65.0/build/utils/pdfimages
The path /var/bin/poppler-0.65.0/build/utils/pdfimages is correct.. I have tested it from a terminal.
Command
sudo /var/bin/poppler-0.65.0/build/utils/pdfimages -list
data/scan_voucher/17.pdf
As you said that already setting up sudo visudo correctly, I will first take a look at Tarun Lalwani links, specially the part about disable requiring tty in your sudoers :
Defaults !requiretty
Try to do the same command but with flag -S actived (sudo -S yourcommand)
The -S (stdin) option causes sudo to read the password from the
standard input instead of the terminal device.
If it doesn't work for you, you can try a trick that seems to work like this one (from here):
echo '' | sudo -S your_command
That will send an empty password to first prompt to enter password.
How are you executing this from PHP? Try with:
#exec("sudo /var/bin/poppler-0.65.0/build/utils/pdfimages -list data/scan_voucher/17.pdf");
Hope that it helps!
i am trying to execute pkill command by php script.
killengine.sh script runs fine from terminal, both with ./killengine.sh and php restart.php.
this is killengine.sh
#!/bin/bash
sudo pkill -f engine
and this is restart.php
$out = shell_exec("/var/www/killengine.sh 2>&1");
var_dump($out);
Both files have 755 permissions. Ownew of restart.php is apache, and root is owner of killengine.sh. Also i tried with both owners to be root/apache.
In visudo i made this changes:
Defaults:apache !requiretty
but i get: "sudo: no tty present and no askpass program specified"
Then i tried with
Defaults!/var/www/killengine.sh !requiretty
then i get: "sudo: sorry, you must have a tty to run sudo"
Also, this line is present all the time at the EOF
apache ALL=NOPASSWD: /var/www/killengine.sh
but without success.
OS is Centos 6
Any ideas?
solution:
changed restart.php to
$out= #shell_exec("sudo /var/www/killengine.sh");
On my Raspberry Pi Model B-Rev2 running Raspbian 3.10.25 I following the instructions on https://github.com/ronanguilloux/php-gpio to control the pins. But I simple cannot get it to work. According to instructions this should be the command in triggerMyScript.php:
exec('sudo -t /usr/bin/php ./myGpioScript');
But depending on content in myGpioScript I get errors in Apache log error.log saying stuff like command not found and No such file or directory.
I have also made additions to /etc/sudoers as instructed.
It works perfectly fine if I run php triggerMyScript.php from the command line.
After spending several hours I found the solution. I needed to do the following things beside what the instructions on php-gpio says:
in myGpioScript the first line had to be #!/usr/bin/php instead of #!/usr/bin/env php
I had to add php after -t, like this: exec('sudo -t php /usr/bin/php ./myGpioScript'); (which makes sense when you think about it, but instructions doesn't say it like that)
I had to add this to the sudoers file: www-data ALL=NOPASSWD: /usr/bin/php - so that www-data can also run php without limitations. Specifying permission for the actual script files was actually not necessary!
File permissions on any of the files are not relevant either, so just leave them low.
Well, i have this program i need to run via either functions however it is located on my dekstop (this ubuntu 11.04).
I moved it to /home/Username, but no dice.
I run
$blah = exec('sudo | echo mypassword | /home/server1/program commandhere', $test);
var_dump($test);
var_dump($blah); ?>
The output is nothing.
I was told if i wanted to run it via sudo i needed to add the Apache user which is www-data to the sudoers list, i added it, but no luck again.
Basically, i've tried A LOT of things, it just wont run. Why?
EDIT:
If i paste that into the terminal it works great, just not with exec,system nor passtrhu.
Use echo mypassword | sudo -S instead.
It also depends on which user has sudo privileges. If you want to run this from the apache process, you need to give the apache user sudo privileges as well.
Also, just to clarify, the command should be:
echo mypassword | sudo -S /home/server1/program commandhere
Look into your security log. Not sure where this is on Ubuntu, possibly /var/log/secure or /var/log/messages. I'm betting that you find a message there similar to sudo requires a TTY, or sorry, you must have a TTY to run sudo indicating that sudo is configured not to work without a real interactive shell. That is, sudo won't permit you to use it in a script or to be called by an external program.
I recently dealt with this issue myself while trying to bind a Gnome keyboard shortcut to a sudo command.
If this is the case, you'll need to comment out the following line in /etc/sudoers
#Defaults requiretty
Here's my command:
sudo /usr/local/bin/jpegoptim --max=50 /home/someuser/public_html/reports/images/r121662.jpg
This command is supposed to compress an image. I tried running this command using backtick operator and shell_exec, neither will work. The file doesn't compress.
But this command runs when I run it directly in the shell logged in as someuser. I've modified sudoers to accept the command without requiring a password. The file is compressed when I run it in the shell.
Apache is configured to run with suPHP, and the PHP files belong to someuser as well. I've further ensured this by writing a test php script just saying system(id); and running it in the browser. That tells me that the script is indeed being run by someuser.
Also, safe_mode is off.
EDIT: Ok, I got it to output the error
sudo: sorry, you must have a tty to run sudo
Now, what does it mean?!
Thanks to Catalin , I was able to get an output. It said sudo: sorry, you must have a tty to run sudo which required requiretty to be disabled for someuser. That is the best solution I got, if there's a way to disable requiretty for a single user calling a single command, please let me know.
sudo typically requires terminal input (i.e., must have a tty) as it will attempt to ask the user for a password before allowing you to execute a command. Do you really need to use sudo to run the command? Try removing the sudo.
Try sudo -S to see if setting it to read the password from stdin (even though it doesn't need one) will bypass the test for a tty.