I'm trying to make a open source kiosk like system. When the web browser starts all programs, it will run in the browser using PHP. I've found this link: Program execution Functions. It's using:
<?php
$WshShell = new COM("WScript.Shell");
$oExec = $WshShell->Run("WINWORD.exe", 7, false);
?>
I was able to start Microsoft Word on Windows, but I need to be able to do this on Linux.
This is what I've tried on my Linux server:
<?php
exec("/var/www/test.sh");
?>
But nothing happens. I know that test.sh works because I ran if from the terminal. I use test.sh to start a Python script. The Python script starts a text editor. I've tested the Python script and it works. All I need know is how to start the script from PHP on Linux.
Try out shell_exec.
shell_exec("/var/www/test.sh");
Also, make sure that the executable "permission" is set.
Additionally, you have to run the text editor as the logged-in user (propably you will do this with sudo or so) and to set the DISPLAY environment variable to :0.0 (or whatever is right for you). Example:
add this to /etc/sudoers:
ALL<tab>ALL=(kioskuser) NOPASSWD: ALL
(<tab> means that a real tab belongs there, edit the file by executing visudo as root)
content of the script:
#!/bin/bash
export DISPLAY=:0.0
sudo -u kioskuser /path/to/the/editor/command
I had to change the test.sh owner permission to www-data
then add
Cmnd_Alias RUN = /var/www/test.sh
www-data ALL = (root) NOPASSWD: RUN
To /etc/sudoers then the php code
<?php
shell_exec("sudo /var/www/test.sh");
?>
Related
I want PHP to execute a Python3 script.
I have done
$command = escapeshellcmd('pathtofile.py');
$output = shell_exec($command);
echo $output;
But whenever the script is run, I get an error :Permission Denied.
I'm running a web server (Apache2 on Ubuntu 18.04) and the VPS has only one user- root.
I have also donechmod +x path.py and added the shebang line in the scipt.
Basically, the script is run when a user successfully registers.
You must to add apache user in sudoers file like:
www-data ALL=(ALL:ALL) NOPASSWD:ALL
then you can execute script like this:
'sudo pathtofile.py'
Or you can use compiled wrapper.
Write C program, that executes script, than compile it. Than set sticky bit:
chown root:root wrapper
chmod a+rs wrapper
Than include www-data in the root group.
Now can execute wrapper from your php script, and wrapper will execute python script as root.
I'm new in using Linux, I'm trying to write a PHP code which can run .exe linux compatible file, I've made a short shell script
hello bash script:
#!/bin/bash
./program.exe file.mp4 // file.mp4 is an an input for .exe
echo "Hello World!"
shell.php:
<?php
$output = exec ("./hello ");
echo "<pre>$output</pre>";
?>
Now when I run shell.php using web browser it shows Hello World! but the .exe doesn't run, however when I run php using terminal command php shell.php, It works fine.
I think I'm having problems with permissions but I'm new with Linux and I don't know how to solve this.
Update:
I ignored the shell script and I used
<?php
$output = shell_exec ("cd /var/www/ && ./program.exe file.mp4 2>& " );
?>
also I granted access to program.exe
chmod 777 program.exe
the error I receive in the browser :could not open debug.bin!
use the absolute path to hello executable exec("sh path/to/the/file")
I'm using something similar to call an app compiled with mono on a remote ubuntu webserver and return it's output to the calling script.
For any of this to work properly wine needs to be already installed.
On Ubuntu systems try:
sudo apt-get -y install wine
You then need to know the owner of the web server process. If you are running the apache web server try the following:
cat /etc/apache2/envvars | grep "RUN"
The output will look something like this:
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
Now that you have the name of the process owner, which in this case is www-data you should ensure the file is owned the user and its group:
sudo chown www-data /var/www/program.exe
sudo chgrp www-data /var/www/program.exe
Finally, we can invoke the application from inside our PHP script by passsing it as a parameter to 'wine' and using its full file path.
<?php
$output = shell_exec("wine /var/www/program.exe file.mp4" );
?>
Any output from the above shell command sent to the command line will be saved in the PHP script variable $output.
It looks like you are trying to do some output redirection with your use of program.exe file.mp4 2>& so I've left that off of the example for clairity.
Try using the absolute path, such as exec("sh /path/to/file")
Generally, php is run as www or apache, so make sure that the execute access permission is granted to all user.
I actually try to laucnh a gnome-term with a php script, seems i have some problems with the users www-data;
my script make only a ls -l command in a directory (is just for a test) and i run it with a php page in my local-web site.
here the gnome-terminal command in my bash script (he run perfectly when i double-click on him) :
gnome-terminal --working-directory=/opt/cuckoo -x bash -c "ls -l"
and here is the call on the php-page :
system("/my/path/to/the/script/script.sh");
i have some echo in my script and i see them in the php page after i try to run the script with the php.page.
i think www-data don't have the right to do so i give the ownership of the script with the chown command, and at last a try the sudo visudo command and make the script execute like the user www-data is root (with NO PASSWD arg)
But i can't open the terminal and make a ls at last, i try with exec too, and show the result with $ouput butthe result is the same as well.
At last my question is : Php can really run a terminal or maybe a fool myself^^? Thanks for taking time to rescure me ;)
PHP can run everything, but depends who spawns it. Forget just running X apps from a web server - you'll need more than just executing them (permissions, DISPLAY and Xauth settings). Read more about the X clients and architecture.
Probably the right place to ask this is at SuperUser, since the problem is not in the coding itself.
I am running Apache on my localhost. From a PHP script run as www-user I would like to control Rhythmbox playback on my machine. So far I have a simple command in my PHP script:
exec('rhythmbox-client --pause');
This works great when I run it from the command-line as me, but if it runs as www-user I guess rhythmbox-client doesn't know/can't access my instance of Rhythmbox.
Is there an easy way for that PHP script to run as my user rather than www-user, or to tell rhythmbox-client which instance to control?
The overall application is that when my phone goes off-hook it calls my PHP script which pauses music, and resumes playback when the phone is on-hook. I love VoIP phones!
Solution:
Thanks to Carpetsmoker and Tarek I used sudo as the answer but there was a couple of problems. To overcome them I did the following:
Created a bash script to call rhythmbox-client. This bash script was executed using sudo in PHP as described in the answer below. Unfortunately rhythmbox-client didn't know what environment to control, so the bash script looks like this:
#! /bin/bash
DBUS_ADDRESS=`grep -z DBUS_SESSION_BUS_ADDRESS /proc/*/environ 2> /dev/null| sed 's/DBUS/\nDBUS/g' | tail -n 1`
if [ "x$DBUS_ADDRESS" != "x" ]; then
export $DBUS_ADDRESS
/usr/bin/rhythmbox-client --pause
fi
Now that bash script can be executed by PHP and wwwuser, and my phone can pause/play my music!
One solution is using sudo(8):
exec('sudo -u myuser ls /');
You will, obviously, need to setup sudo(8) to allow the user running your webserver to invoke it. Editing the sudoers file with visudo(8), you can use something like:
wwwuser ALL=/usr/bin/rhythmbox-client
To prevent Apache from being able to run other commands and only the rythymbox command.
In my case, the solution came this way:
Added this lines to sudoers file:
myuser ALL=(ALL) NOPASSWD: /usr/bin/prlctl
_www ALL=(ALL) NOPASSWD: /usr/bin/prlctl # IMPORTANT!!!
The EXEC() command in PHP was changed to:
exec("sudo -u myuser prlctl list -a", $out, $r);
If a process can be run by any user it can be run by PHP. Example is fortune command
-rwxr-xr-x 1 root root 18816 Oct 1 2009 /usr/games/fortune
Look at the x permission for every user. But this some times doesn't at all work and you may have to let the user, www-data or apache etc, run the program. You can sudo www-data and try to run the command. If it works then Apache/PHP should be able to run it.
I have a script in /var/www/myscript.sh which creates folders and runs the command svn update for my projects. I need to execute this script by calling it in a PHP file in the browser (i.e. Localhost/test.php). I tried using functions shell_exec() and exec() but those did not work. I ran my shell script in terminal with su www-data && ./myscript.sh and it worked. What else am I missing?
<?php
$output = shell_exec("./myscript.sh");
?>
Update 5/4/2011:
I added www-data ALL=(ALL) NOPASSWD:ALL to /etc/sudoers and it works, but this is very insecure. Is there another way to do this?
Several possibilities:
You have safe mode enabled. That way, only exec() is working, and then only on executables in safe_mode_exec_dir
exec and shell_exec are disabled in php.ini
The path to the executable is wrong. If the script is in the same directory as the php file, try exec(dirname(__FILE__) . '/myscript.sh');
You might have disabled the exec privileges, most of the LAMP packages have those disabled. Check your php.ini for this line:
disable_functions = exec
And remove the exec, shell_exec entries if there are there.
Good Luck!
Residuum did provide a correct answer to how you should get shell exec to find your script, but in regards to security, there are a couple of points.
I would imagine you don't want your shell script to be in your web root, as it would be visible to anyone with web access to your server.
I would recommend moving the shell script to outside of the webroot
<?php
$tempFolder = '/tmp';
$webRootFolder = '/var/www';
$scriptName = 'myscript.sh';
$moveCommand = "mv $webRootFolder/$scriptName $tempFolder/$scriptName";
$output = shell_exec($moveCommand);
?>
In regards to the:
i added www-data ALL=(ALL) NOPASSWD:ALL to /etc/sudoers works
You can modify this to only cover the specific commands in your script which require sudo. Otherwise, if none of the commands in your sh script require sudo to execute, you don't need to do this at all anyway.
Try running the script as the apache user (use the su command to switch to the apache user) and if you are not prompted for sudo or given permission denied, etc, it'll be fine.
ie:
sudo su apache (or www-data)
cd /var/www
sh ./myscript
Also... what brought me here was that I wanted to run a multi line shell script using commands that are dynamically generated. I wanted all of my commands to run in the same shell, which won't happen using multiple calls to shell_exec(). The answer to that one is to do it like Jenkins - create your dynamically generated multi line of commands, put it in a variable, save it to a file in a temp folder, execute that file (using shell_exec in() php as Jenkins is Java), then do whatever you want with the output, and delete the temp file
... voila
If you are having a small script that you need to run (I simply needed to copy a file), I found it much easier to call the commands on the PHP script by calling
exec("sudo cp /tmp/testfile1 /var/www/html/testfile2");
and enabling such transaction by editing (or rather adding) a permitting line to the sudoers by first calling sudo visudo and adding the following line to the very end of it
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/testfile1 /var/www/html/testfile2
All I wanted to do was to copy a file and I have been having problems with doing so because of the root password problem, and as you mentioned I did NOT want to expose the system to have no password for all root transactions.