I am trying to run adb from PHP using:
exec( 'adb devices', $output, $return_val );
but I get 126 error.
I think the problem is that php is running as 'www-data' user and does not have permissions to execute adb.
Any solutions?
Check this site out:
http://bzed.de/posts/2009/05/howto_set_android_developer_device_permissions_with_udev/
And add www-data to androiddev.
You need to add your specific model to the udev-lines. You can find the vendor- and product-id by connecting your phone to your computer and executing lsusb in a terminal.
You get something like:
Bus 001 Device 002: ID 413c:a001 Dell Computer Corp. Hub
where 413c is the Vendor ID and a001 is the ID of the product. Of course, your cell phone should be the line instead of "Dell Computer"...
Good luck!
If you are working on Windows, the easier solution that I know is:
Create a file.bat with the order adb devices and the variables $1 and $2.
Call the file.bat with php using exec command
That should work.
If you are working on Linux, use a /bin/bash. And use the same procedure.
Your friend google will help you if don't know how to do the scripts.
Although this is not a solution for 126 error, it's a way to run adb from php on Linux Debian 8.
If you have installed android-tools-adb, surely have noted that a new group has be created: adb, the user www-data must belong to it:
usermod -a -G adb www-data
And if you have using a Android version greater than or equal to 4.4.2 you need to accept RSA key fingerprint on screen on your cell phone, that at the same time makes a hidden directory in your computer named .android on user home path, there, will be stored both adbkey and adbkey.pub files, running:
cat /etc/passwd | grep www-data
You get
www-data:x:33:33:www-data:/var/www
Therefore, /var/www is for www-data user,
So, I changed its group from root to www-data
chown root:www-data /var/www
Then, I set write permissions
chmod 775 /var/www/
Now, .android directory can be created. Despite the message when you're going to accept RSA key fingerprint says: "Always allow from this computer", you must accept each user for computer if adb command is being used by different users on the same computer
And you can just try the adb command as www-data user, executing: (as root)
sudo -u www-data adb devices -l
I hope this helps someone else
Related
I want to allow users to execute a bash script that contains sensitive data. Thus, I don't want them to have reading permissions. A 'direct' solution seems to be impossible, but I may have found a workaround in the expect man page:
Create the Expect script (that contains the secret data) as usual.
Make its permissions be 750 (-rwxr-x---) and owned by a trusted group,
i.e., a group which is allowed to read it. If necessary, create a new
group for this purpose. Next, create a /bin/sh script with permissions
2751 (-rwxr-s--x) owned by the same group as before.
I've tried to replicate this as follows:
In a folder, I have two scripts:
script.sh:
#!/bin/sh
echo "targetscript echo"
runscript.sh:
#!/bin/sh
echo "runscript echo"
groups
./script.sh
I gave them the rights as suggested in the man page:
groupadd scriptrunner
chown {myusername}:scriptrunner runscript.sh
chmod 2751 runscript.sh
chown root:scriptrunner script.sh
chmod 750 script.sh
The output of ls -l appears to be alright:
-rwxr-s--x. 1 {myusername} scriptrunner 51 Aug 25 13:04 runscript.sh
-rwxr-x---. 1 root scriptrunner 35 Aug 25 13:01 script.sh
However, when I run ./runscript.sh without root, I get the following error:
runscript echo
{myusername} wheel
./runscript.sh: line 4: ./script.sh: Permission denied
I don't know what went wrong. Can anyone help me?
I'll go back to the root problem as I think it's easier to solve without the expect hack.
So, what you need is having the execute permission on your script but not the reading permission. That is only possible for binaries (i.e. not interpreted scripts)- see details here https://unix.stackexchange.com/questions/34202/can-a-script-be-executable-but-not-readable
So maybe you'll be better off by first compiling your bash script into a binary (with shc - see here https://unix.stackexchange.com/questions/64762/how-to-convert-a-shell-script-into-a-binary-executable) and then set the execute only permission on the binary. Afterwards your users should be able to execute (but not read) the binary.
I want to access my environment variables into a php file through the web user.
Not when i execute printenv on the server, that particular environment variable gets displayed, but on running it as a web user, sudo -u www-data printenv it is not displayed.
My server is an apache server hosted on Ubuntu 14.04 on DigitalOcean, any help would be much appreciated.
Thanks
You can get most environment variables through $_ENV.
First, check you can get the data you want "manually", on your shell :
sudo su yourusername -c printenv
Is this the data you are looking for ? You were asked a password, right (should be in most case)?
For www-data can acces your environnement variable, it should log "as you" for check, so it ask for a password and fail, as we don't passed it through php. And we won't.
The proper way for doing this, without security issue, is to use sudoers, wich allow some user to do some commands without being asked a pass.
To use it, run the command visudo as root, then add this at the end of the file
www-data ALL = NOPASSWD: su yourusername -c printenv
Now the provious command can be runned from the user www-data without pass, so PHP can use it.
Edit: this way you can't access user environnement without knowing their username, but it's fine for your own use.
I'm trying to display my PIs temperatures in a website that I can access anywhere at any time.
So far I've been able to get the CPU and GPU temps working. However my HDD temp won't show in the browser. It works fine in terminal.
Here is a pic:
As you'll notice I didn't have the GPU temp showing either, however this was fixed by using the following command:
sudo usermod -G video www-data
I haven't been successful in getting this to work for smartmoxntools, though.
Does anyone know how to make it work?
Also, is it safe to have these in an external website? Can hackers inject php code to run shell commands using it?
in order to run some root privileged command in website, you need to put www-data in your /etc/sudoers to allow the www-data to run as root for the command, here is the line you need in /etc/sudoers:
www-data ALL=(root) NOPASSWD: /usr/sbin/smartctl
When executing under your web server, your script will probably have a different PATH configured, so it will run differently from how it runs in the Terminal.
Try putting the full path to smartctl in your script, e.g.
sudo /usr/local/bin/smartctl -A -d sat /dev/sda | awk '/^194/ {print $10}'
I successfully installed gammu in ubuntu 11, and send text message using command line.
echo "TEXTMESSAGE" | gammu sendsms TEXT mobilenumber
My problem is, when I use exec function in my php script I always have the following errors:
Warning: No configuration file found!
Warning: No configuration read, using builtin defaults!
Error opening device, it doesn't exist.
Thanks for the help
You are missing the .gammurc and the defaults fail to detect your device.
Try running gammu-detect. It should say something along the lines of
[gammu]
device = /dev/ttyUSB0
name = Phone on USB serial port HUAWEI_Technology HUAWEI_Mobile
connection = at
If that does not work, run gammu-config and manually set up port and connection.
Just resolved the similar trouble. In my case gammu was executed under nagios user, so that it was not able to find the configuration file until I placed it in /etc/gammurc.
According to gammu documentation on Linux, MacOS X, BSD and other Unix-like systems, the config file is searched in following order:
$XDG_CONFIG_HOME/gammu/config
~/.config/gammu/config
~/.gammurc
/etc/gammurc
My file was in /home/user/.gammurc, but when I executed it under nagios user "~" was a different directory, so that gammu was not able to find it.
Now permissions:
In order to gain access for your user to /dev/ttyUSB0 (use your path) you should add nagios (in your case www-data or whatever it is) user to dialout group this way:
sudo usermod -a -G dialout nagios
And then set the SUID bit on gammu to allow nagios (www-data in your case) execute it on behalf of the root:
sudo chmod 4755 /usr/bin/gammu
Try to execute gammu on behalf of the root (you could use su command)
Hope it would be useful.
You can change de path of .gammurc by doing this:
Copy the file (.gammurc) located on the root and past it on /etc.
cp .gammurc /etc/gammurc
Don't forget to remove the dot.
I use it raspberry Pi , the directory of gammu may change on your environment
I am trying to backup all the files on our server using some SSH commands via PHP and I have a script working to some extent.
The problem is that only some of the folders actually contain any files but the folder structure seems to be correct though.
This is the script I am using:
<?php
$output = `cd /
ls -al
tar -cf /home/b/a/backup/web/public_html/archive.tar home/*`;
echo "<pre>$output</pre>";
?>
I cant even view the files via SSH commands, an example of this is the test account. If I use the following command I am unable to view the website files.
<?php
$output = `cd /home/t/e/test/
ls -alRh`;
echo "<pre>$output</pre>";
?>
But if I use the same commands on the a different account I am able to see and download of the website files.
Is this a permission problem or am I missing something in my script?
Thanks
ls -l / | grep home
the output will be like this:
lrwxr-xr-x 1 root wheel 8 Mar 30 14:13 home -> usr/home
In my case, the owner is root, and the root user its primary group is wheel, so now we add www-data user to wheel group so he can list files in there:
usermod -a -G wheel www-data
You can download some files because they located in directory owned by www-data user, and when you can't, www-data has no permission in that.
I think it permission problem, try to give apache user(or what you set it) permission to read /home/* directory's.
To find the user name that used by apache service run this:
For linux:
egrep -iw --color=auto 'user|group' /etc/httpd/conf/httpd.conf
For FreeBSD:
egrep -iw --color=auto '^user|^group' /usr/local/etc/apache22/httpd.conf
My guess is that PHP is running in a chroot.
If you just want to execute a backup, consider doing it in a different language. Especially if it is just a sequence of UNIX commands, write a shell script. Perhaps more details on what this script will be used for and who is providing and maintaining your hosting will be useful.