Executing shell_exec() as root user

@devel95Feb 09.2010

Does anyone have a sample code line that shows the proper and successful use of the shell_exec() function to run as root?

I have tried numerous ways to get it to work and I continue to either get permission errors or “sudo: must be setuid root” errors.

Further, is it possible to successfully use shell_exec() as root without having to make tweaks to the server?

to post a comment

PHP

17 Comments(s) _↴

@MindzaiFeb 09.2010 — #Have you tried using the suid bit? ie adding your commands to a shell script, chmod-ing the file to 4711, and chown-ing to root.

@devel95authorFeb 09.2010 — #Yes, I tried that earlier.

Here is the bash file's perms:

-rws--x--x 1 root nobody 209 Feb 9 09:01 test.bash*

Here is the error_log entry:

/bin/bash: /home/drd/public_html/app/shell/test.bash: Permission denied

Do you have a sample line of code of the way to use shell_exec() as root?

@devel95authorFeb 10.2010 — #If anyone has ever had any success with the shell_exec() function, I would greatly appreciate some help. Thanks.

Basically I am trying to create a flat text file above the web document root directory and save a few lines of text. Given my web user ("nobody") does not have directory permissions to this location, I am trying to evoke a bash script that I wrote to assist me with my objective. Everything works except the fact that I cannot get shell_exec() to run as root for a moment in order to allow the bash script to do its thing.

If anyone has ever achieved this objective in a way other than shell_exec() running as root, please let me know.

Also, storing values in a db table and running a cron task every 1-minute (which seems to be the most popular answer) will not work for me because the file I am trying to create is meant to hold my db connection string credentials. Thus I do not have access to the db at this point in the process.

Thanks again.

@devel95authorFeb 11.2010 — #(One last time) has anyone ever had any success running shell_exec() as root?

@criterion9Feb 11.2010 — #Running shell_exec as root is a very dangerous thing which is probably why you are finding it so difficult to achieve without opening the server to wide spread attacks.

As an alternative solution consider the following. If you are trying to store your configurations in a directory that is not publicly accessible you can refuse http connections using .htaccess and use PHP to read/write the files. Then you just pick a sub folder that your php user has access to and you are good to go.

@devel95authorFeb 11.2010 — #Nice, I can definitely live with this solution. Thanks for the tip.

What does the instruction in the .htaccess file look like?

Is it:

Deny from all

?

I think that's it...just created a dir and put a simple php script there. Then tried to run from browser and got 403 Forbidden error -- that's perfect.

Next I will try to read/file text files in that dir.

Thanks "criterion9" -- but please confirm I have the correct .htaccess directive and I have set it up properly so far

@criterion9Feb 11.2010 — #It looks right to me. You should only be able to access items within that directory from the filesystem that way.

@devel95authorFeb 12.2010 — #Well, the concept was cool, but it doesn't work.

I can't create directories or files without proper permissions. The directory that I use to hold this file has the owner and group of the ftp user that did the initial upload which is different than the owner/group of web (in my case "nobody").

So I get permission denied.

I am trying to build an install script that runs from the web. I want users to be able to setup and install this app without having to have shell access to do chmod's, or chown's or chgrp's. I was hoping that shell_exec() would be the answer. Not really sure what the value in shell_exec() is.

So I am back to square one ... I need to be able to run as root or some user "out of the box" with permissions to do so.

@devel95authorFeb 12.2010 — #I have a new thought on this..."criterion9" has me thinking.

Can I use basic authentication through .htaccess to allow my FTP user to login to a directory or even "root" to login?

Or do I really need to make users and passwords that the basic authentication directive pulls from?

@criterion9Feb 12.2010 — #Change the perms to group nobody on the folder in question. That should fix your permissions problem while still allowing the ftp user to upload.

@devel95authorFeb 12.2010 — #Thanks criterion9...actually I did know that ?

My objective is to not have the user doing the install be required to have shell access to the server in order to do the chgrp. Many hosting companies will not grant customers root or shell access

@criterion9Feb 12.2010 — #Create the folder in PHP in the first place. That is probably your easiest solution since the permissions will be correct that way from the start (though the FTP user may or may not still have access). That is a very common way for install scripts to manage folders plus that will give the opportunity for the script to prompt for the information in the first place.

@devel95authorFeb 12.2010 — #Create the folder in PHP in the first place. That is probably your easiest solution since the permissions will be correct that way from the start (though the FTP user may or may not still have access). That is a very common way for install scripts to manage folders plus that will give the opportunity for the script to prompt for the information in the first place.[/QUOTE]

I've been trying to do that but keep getting perm denied errors. Do you have a snipit code sample by chance?

@criterion9Feb 12.2010 — #You mean mkdir examples?

@devel95authorFeb 12.2010 — #You mean mkdir examples?[/QUOTE]

Here's my simple script:
[code=php]mkdir($_SERVER['DOCUMENT_ROOT'].'/app/config2/',0777);[/code]

Here's my result (from error_log):

[Fri Feb 12 10:44:09 2010] [error] [client 123.456.789.012] PHP Warning: mkdir() [<a href='function.mkdir'>function.mkdir</a>]: Permission denied in /home/drd/public_html/app/test.php on line 7

@criterion9Feb 12.2010 — #If the install script is already being run within your app directory try just:

[code=php]
 mkdir('config2');
 [/code]

You might check that the "app" directory has write permissions for user and/or group nobody.

@devel95authorFeb 12.2010 — #Well, the primary objective (way back from the beginning) was to create a separate directory that has a "Deny from all" directive to keep the web out. So the script that runs does not reside in the restricted dir.

Secondly, I do not want the user doing the install to have to chgrp the dir to "nobody". I am taking the position the hosting company will not grant root or shell access to the server.

So maybe this is just not a solvable problem. However, makes me wonder how the tried and true CMS's and cPanel's out there do it...

Also in #PHP _↴

How to send an email from a Suggestion Box anonymously Map Co-Ordinates Receive email

Success!

Help @devel95 spread the word by sharing this article on Twitter...

Tweet This

Executing shell_exec() as root user

17 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

Executing shell_exec() as root user

17 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

17 Comments(s) _↴

Also in #PHP _↴