Hi all
Quick question regarding permissions under Linux. I want to call a shell script from a php page that will start an application on the machine.
To test this out, I've had a go executing 'uptime' from a php page and the results are returned to the browser, minus the number of users logged in.
I've had a read around and am still a little confused as to how this works with Linux file permissions. Presumeably if the Apache user has execute access to the script, it will run, but if the script itself fires off other applications do these also need to be executable by the Apache user?
Really after a little thought what I want to be able to do is to call a script to be executed as another user (NOT root but not www/apache either) from a php page. I think this is acceptable as the script in question takes no user input, it merely executes.
Can anyone walk me through the best way to do this ? I've had a read around and initally thought suExec might be what I was looking for, but the tutorial didn't really help with this particular problem.
TIA
Calling shell scripts from PHP as other users
Moderator: General Moderators
In a regular script you can su - / sudo to become a different user (and gain his privileges). Another possibility is to allow the script to run as the owner of that script (chmod +g). But i don't know how well apache likes these..
You can also use the su_exec apache module that does this.
But i've got a feeling that it's clearer if you simply give privileges to all users that need privileges (in your case this is the user that runs apache)
You can also use the su_exec apache module that does this.
But i've got a feeling that it's clearer if you simply give privileges to all users that need privileges (in your case this is the user that runs apache)
One Possiblity will be executing system command
which executes any command on linux server
I hope this can help
Thank You
which executes any command on linux server
Code: Select all
system('su user', $return_variable);
$dir="script dirrectory path here";
chdir($dir);
system('$dir."/".file.sh');Thank You
In order to execute a script you need to have both read and execute permissions (the script is read first then executed). If it's a binary then just execute permissions are required.
When a script is executed any subsequent calls to other scripts/binaries are executed under the user which called the originating script.
You may want to look into using PHP as a CGI with Apache and suexec or alternatively setting the SUID of the script may be a better alternative.
When a script is executed any subsequent calls to other scripts/binaries are executed under the user which called the originating script.
You may want to look into using PHP as a CGI with Apache and suexec or alternatively setting the SUID of the script may be a better alternative.