Justec
08-20-2007, 01:20 AM
On my old server I was able to use the sudoers file to run a script from PHP (apache) as a non-privileged user with a limited command list.
I set this up on my new server and tested on SSH by giving apache a /bin/bash and su'n to apache. While on shell as user apache I was able to do...
/usr/bin/sudo -u theuser /usr/bin/kill 12345
This would kill process 12345, but when trying to do it using PHP exec() it doesn't work.
exec("/usr/bin/sudo -u theuser /usr/bin/kill $process", $out, $ret);
I setup the visudo the same as it was on the prior server.
Went from CentOS4 > CentOS5 which also means PHP4 to PHP5
I've tried a bunch of things and just can't figure it out. I am thinking it must be PHP b/c I am able to use it from the command line.
I also tried running PHP from command line and the above exec() that doesn't work from the browser did work as shell user apache using command line php.
Any ideas? :confused:
I set this up on my new server and tested on SSH by giving apache a /bin/bash and su'n to apache. While on shell as user apache I was able to do...
/usr/bin/sudo -u theuser /usr/bin/kill 12345
This would kill process 12345, but when trying to do it using PHP exec() it doesn't work.
exec("/usr/bin/sudo -u theuser /usr/bin/kill $process", $out, $ret);
I setup the visudo the same as it was on the prior server.
Went from CentOS4 > CentOS5 which also means PHP4 to PHP5
I've tried a bunch of things and just can't figure it out. I am thinking it must be PHP b/c I am able to use it from the command line.
I also tried running PHP from command line and the above exec() that doesn't work from the browser did work as shell user apache using command line php.
Any ideas? :confused: