I have a PHP script which contains a shell_execute()
and the command it executes normally requires sudo. I've edited the sudoers with visudo to contain the following:
www-data ALL = NOPASSWD: /var/root/node/npm/node_modules/less/
%users ALL = NOPASSWD: /var/root/node/npm/node_modules/less/
I suspect either should work, but I went with the belt-and-suspenders approach to be sure.
I'm editing etc/sudoers with vim, so after adding these lines, I do :x and everything works. My PHP script does what it's supposed to... for about 10-15 minutes. Then the script stops working. Specifically, the shell_exec()
stops working.
If I do sudo visudo
again, my new lines are still there. But only when I save it again does the script start working again.
Can anyone tell me why this might be happening? I have two guesses that aren't very good:
- There is some sort of grace period that starts when I
sudo visudo
and this is what's allowing my script to work (but only until it expires). - The new data in etc/sudoers is staying in sudoers.tmp (the "Lock file")... Neither of these add up to me.