duanmeng1862 2017-08-12 12:46
浏览 297
已采纳

从php运行shell脚本作为指定用户

I am trying to run a shell script from a PHP script.

PHP code :

<? php
     $sss = escapeshellarg('virtualbox');
     $result = shell_exec("/home/hani/Desktop/launchscript.sh '$sss' 2>&1 ");
     echo "<pre>$result</pre>";
     echo "<br />";
     echo (shell_exec('whoami'));
?>

my shell script :

#!/bin/bash


sss=$1
echo 'the sudo password' |sudo -S service $1 restart

After I run the PHP code in a web server (Xampp), I got this output :

[sudo] password for daemon: Sorry, try again.
[sudo] password for daemon: 
sudo: 1 incorrect password attempt

daemon

Although, I haven't set any password for the daemon user. And after I checked the current user running the PHP code I found it is daemon.
After many researches here and in the net, I found that daemon can't run sudo commands.
I also found that I can fix this by editing the sudoers file and giving permissions to the daemon user to run sudo commands. However this is not a secured solution.
so my question is : How to run that script via the PHP code but not as a daemon?
PS : I tried this in order to change the current user running the PHP file :

$result = shell_exec(" sudo -u hani /home/hani/Desktop/launchscript.sh '$sss' 2>&1 ");  

But I got this output in the browser :

sudo: no tty present and no askpass program specified

and the user remains daemon.

I am using Xampp in Ubuntu 16.04
Another information, I run this command in the terminal to know the owner of the 'httpd' service :

ps -ef | egrep '(httpd)' | grep -v `whoami` | grep -v root | head -n1 | awk '{print $1}'

the output is : daemon

  • 写回答

1条回答 默认 最新

  • douqin0676 2017-08-12 15:12
    关注

    I think i found a solution ( but still not sure about the security issues).
    It only needs to change the default user (owner) and group of the httpd service. This can be done by editing the httpd.conf located in /opt/lampp/etc (if you are using Xampp). The default user, as I mentioned in the question, is daemon. However it has not permissions to run sudo commands, so it only needs to change that user by another one who has the permissions to run sudo commands (obviously the root user or your deafult user in Ubuntu).

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 STM32单片机传感器读取错误
  • ¥50 power BI 从Mysql服务器导入数据,但连接进去后显示表无数据
  • ¥15 (关键词-阻抗匹配,HFSS,RFID标签)
  • ¥50 sft下载大文阻塞卡死
  • ¥15 机器人轨迹规划相关问题
  • ¥15 word样式右侧翻页键消失
  • ¥15 springboot+vue 集成keycloak sso到阿里云
  • ¥15 win7系统进入桌面过一秒后突然黑屏
  • ¥30 backtrader对于期货交易的现金和资产计算的问题
  • ¥15 求C# .net4.8小报表工具