Re: [PHP] permissions with bash scripts in php?
Jason Wong wrote: > On Tuesday 13 January 2004 06:46, Jas wrote: > > [Please trim your posts!] > > >>Just tried that and I am getting the same error. I guess what I am >>really looking for is a way to have apache restart the service without >>adding the apache user in the 'sudoers' file. > > > If you really must restart system services over insecure interfaces such as a > web browser then consider using something which was 'tailor-made' for the > purpose eg Webmin. Webmin is not ideal, but since you are having to ask the > question I would assume that it would be better than anything you could come > up with at this moment in time. > > If you still want develop your own, then have a look in the archives for > possible solutions using sudo, or cronjobs. > So instead of having a function to run a bash script which would restart the dhcp service after a new dhcpd.conf file has been written (which would run under the same user as the httpd service). You are suggesting to run a cron job which would maybe run every 5 or 10 minutes to run the bash script which restarts the service? Would this be the most secure method of accomplishing such a task? Or is there a way to put a hook in the bash script which php could execute as a privledged user? Thanks for the insight, Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] permissions with bash scripts in php?
On Tuesday 13 January 2004 06:46, Jas wrote: [Please trim your posts!] > Just tried that and I am getting the same error. I guess what I am > really looking for is a way to have apache restart the service without > adding the apache user in the 'sudoers' file. If you really must restart system services over insecure interfaces such as a web browser then consider using something which was 'tailor-made' for the purpose eg Webmin. Webmin is not ideal, but since you are having to ask the question I would assume that it would be better than anything you could come up with at this moment in time. If you still want develop your own, then have a look in the archives for possible solutions using sudo, or cronjobs. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* What's all this brouhaha? */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] permissions with bash scripts in php?
Jake McHenry wrote: - Original Message - From: "Jas" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, January 12, 2004 4:47 PM Subject: [PHP] permissions with bash scripts in php? Something I have never tried... seems fairly straight-forward but I am running into problems. My problem is that I need to call system to restart a daemon service like so... /tmp/error "); ?> Script contains this command... #!/bin/bash /path/to/dhcpd -cf /path/to/config/dhcpd So far so good right? I mean it works from a command line so why not from php. Lets check some permissions... httpd as Apache:Apache script.sh as Apache:Apache Upon inspection of 'error file' in /tmp I find this... unable to create icmp socket: Operation not permitted Can't create new lease file: Permission denied And... Can't bind to dhcp address: Permission denied Please make sure there is no other dhcp server running and that there's no entry for dhcp or bootp in /etc/inetd.conf. Also make sure you are not running HP JetAdmin software, which includes a bootp server. So lets set a sticky bit on the script.sh and /path/to/config/dhcpd $> chmod 1777 /path/to/config/dhcpd $> chmod 1777 script.sh So far so good but I am still recieving the same error, if anyone has some good tips on what would be the most efficient & SECURE way of starting this service please point me to the tutorial Thanks a ton. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php is the apache user and group able to run the script from the command line? I know under rh9, you have to be root to start / stop / restart just about all the services. Just an idea. Jake Just tried that and I am getting the same error. I guess what I am really looking for is a way to have apache restart the service without adding the apache user in the 'sudoers' file. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] permissions with bash scripts in php?
- Original Message - From: "Jas" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, January 12, 2004 4:47 PM Subject: [PHP] permissions with bash scripts in php? > Something I have never tried... seems fairly straight-forward but I am > running into problems. > > My problem is that I need to call system to restart a daemon service > like so... > $cmd = "/path/to/shell/script/script.sh"; > system($cmd . " &> /tmp/error "); > ?> > > Script contains this command... > #!/bin/bash > /path/to/dhcpd -cf /path/to/config/dhcpd > > So far so good right? I mean it works from a command line so why not > from php. Lets check some permissions... > httpd as Apache:Apache > script.sh as Apache:Apache > > Upon inspection of 'error file' in /tmp I find this... > > unable to create icmp socket: Operation not permitted > Can't create new lease file: Permission denied > > And... > > Can't bind to dhcp address: Permission denied > Please make sure there is no other dhcp server > running and that there's no entry for dhcp or > bootp in /etc/inetd.conf. Also make sure you > are not running HP JetAdmin software, which > includes a bootp server. > > So lets set a sticky bit on the script.sh and /path/to/config/dhcpd > $> chmod 1777 /path/to/config/dhcpd > $> chmod 1777 script.sh > > So far so good but I am still recieving the same error, if anyone has > some good tips on what would be the most efficient & SECURE way of > starting this service please point me to the tutorial Thanks a ton. > Jas > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > is the apache user and group able to run the script from the command line? I know under rh9, you have to be root to start / stop / restart just about all the services. Just an idea. Jake -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] permissions with bash scripts in php?
Something I have never tried... seems fairly straight-forward but I am running into problems. My problem is that I need to call system to restart a daemon service like so... $cmd = "/path/to/shell/script/script.sh"; system($cmd . " &> /tmp/error "); ?> Script contains this command... #!/bin/bash /path/to/dhcpd -cf /path/to/config/dhcpd So far so good right? I mean it works from a command line so why not from php. Lets check some permissions... httpd as Apache:Apache script.sh as Apache:Apache Upon inspection of 'error file' in /tmp I find this... unable to create icmp socket: Operation not permitted Can't create new lease file: Permission denied And... Can't bind to dhcp address: Permission denied Please make sure there is no other dhcp server running and that there's no entry for dhcp or bootp in /etc/inetd.conf. Also make sure you are not running HP JetAdmin software, which includes a bootp server. So lets set a sticky bit on the script.sh and /path/to/config/dhcpd $> chmod 1777 /path/to/config/dhcpd $> chmod 1777 script.sh So far so good but I am still recieving the same error, if anyone has some good tips on what would be the most efficient & SECURE way of starting this service please point me to the tutorial Thanks a ton. Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php