Re: sudo permissions trouble on RedHat 7.3

From: Kevin Collins (spamtotrash@toomuchfiction.com)
Date: 04/11/03


From: spamtotrash@toomuchfiction.com (Kevin Collins)
Date: 10 Apr 2003 15:09:53 -0700

Kevin Rodgers <ihs_4664@yahoo.com> wrote in message news:<3E948A3D.5010307@yahoo.com>...
> Jim Closky wrote:
>
> ...
>
> > To begin, I set up a single php page and tried to do an "ls"
> > command to see if I could return the ls results to the page. Executed manually, it
> > works, but it won't execute from the php page. Can someone tell me what I missed?
> >
> > Here's the shell script
> > #! /bin/bash
> > /usr/bin/sudo
> > ./script
> > ls >> list.txt
> >
> >
> > Here's the php script:
> > <?
> >
> > $script = 'script';
> > exec($script);
> >
> > include ("list.txt");
> > ?>
> >
> >
> >
> > Here's the sudoers file
> > ## I know this is insecure, I gave apache all permissions temporarily for testing
> > purposes.
> > apache ALL=NOPASSWD: ALL
>
> Perhaps the problem is that the httpd daemon runs as user nobody, not user
> apache.

That is possible - but it depends on the system. My systems run under
user "apache", too.

Your PHP is could be done a lot better, and (though I am not 100%
positive) I believe the include() is processed before the exec().

>From your shell script, I assume that your system is configured to
start a shell when no options or arguments are passed? If so, I'm also
wondering if you shell script ever exits, because is starts a new
(root) shell, runs "script" and "ls", but never exits! A better way is
to call you command or script directly with sudo.

Here is some better code:

<?php
$script = '/usr/bin/sudo ls';
system($script);
?>

or

<?php
$lsout = `/usr/bin/sudo ls`
print $lsout;
?>

Hope that helps...

Kevin



Relevant Pages

  • Re: PHP web interface for shell script or command
    ... a configurable shell script or OS command. ... within the javascript window by reloading the window. ... PHP class. ... The root problem I'm trying to work around is I have a shell script ...
    (comp.lang.php)
  • Re: i cant call subversion from php with shell_exec()
    ... But when I put it in a PHP script ... "svn update" command never run. ... So apparently PHP does have permission to run the svn update command. ...
    (comp.lang.php)
  • Re: [PHP] Catch STDERR
    ... into your PHP script? ... Or do you just need STDOUT in one variable, and STDERR in another, ... Another option is to try to write a .sh shell script to get what you ...
    (php.general)
  • HELP! Really anoying apache/php problem
    ... outcome in text files (programmed in harbour, ... run it again from the command line it works great (so i think it's no rights ... and run it like 'php test.php' it works great!, but if i include it in an ... set_time_limitin my script, ...
    (alt.php)
  • Re: [PHP] SSH and php
    ... % % Is it possible to run a SSH command from php? ... it's possible to run any command from php. ... There are ways to do that -- I personally would create a kick script ...
    (php.general)