Dear Bill, Thanks for you fast response.
Well, It seems close, but I have not gotten it to work yet. I made a shell script like you said: /usr/bin/nltests/restart_sendmail.sh #!/bin/sh service sendmail restart echo dun!!! I set the permissions to 755 set File owner to root set File group to root Modify my script to call it: @results = `/usr/bin/nltests/restart_sendmail.sh`; and I am still having the same problem. I even tried to set the owner and group of the purl script to root just a little more info If I run restart_sendmail.sh from a terminal, it works I wrote a test sh script to just list the directory (ls) and that works when I call is from my purl script. So, do you have any other suggestions, or do you notice if you overlooked something or misunderstood some of your instructions. Sincerely, Nonlin ----- Original Message ----- From: "Bill Luebkert" <dbec...@roadrunner.com> To: "nonlin" <non...@erols.com> Cc: <perl-unix-users@listserv.ActiveState.com> Sent: Tuesday, November 03, 2009 5:22 AM Subject: Re: [Perl-unix-users] Permistion Problem when run from the Web > nonlin wrote: > > Dear Friends, > > > > I know this is not directly a Unix problem but since this is happening > > in Fedora Lenix I though your the best group to help me with this Issue. > > > > I need to execute some root level UNIX commands and access some root > > level files from an script that is executed from the web. To be more > > specific, the script I am writing needs to restart sendmail. Example of > > "restartemail.pl": > > ------------ > > #!/usr/bin/perl -- > > > > use CGI ':standard'; > > > > @results = `service sendmail restart`; > > > > print "@results\n"; > > ------------ > > > > If I am login in as the root on the server and run this script, IT WORKS > > perfectly! > > > > But if I call this script over the web into a browser. It FAILS! because > > 550 Permission denied (real uid not trusted). > > > > Now, I know that this limitation was set up for my protection, but I am > > writing a script that don't let the user do what ever they want. The > > script is in full control of what is happing on the server and not the > > user, so their is really no real risk hear. I just need to get around > > this limitation to get the job dun. > > > > Does anyone know how to make this work. > > Write a shell script that is setuid root and call that script from your > Perl script. Make sure you watch out for any possible misuses of the > script and code around them. > > EG: > Make a setuid script named restart_sendmail.sh that does the restart and > store it somewhere appropriate (eg: /usr/bin, /usr/local/bin, ...) then > call the shell script from the Perl script similar to what you were doing: > > @results = `/usr/bin/restart_sendmail.sh`; > > Or you can pass args like you were, but probably safer not to. You may also > want to verify sendmail isn't running the the script if sendmail doesn't > want multiples running (unless sendmail already handles that itself). _______________________________________________ Perl-Unix-Users mailing list Perl-Unix-Users@listserv.ActiveState.com To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
