How to run from PHP a bash script under root user (with all permissions) and not nobody user - php default user?
如何在根用户(具有所有权限)下运行PHP的bash脚本,而不是没有用户- PHP默认用户?
thats my output after sudo visudo:
这是我在sudo visudo之后的输出:
Defaults env_keep += "LINES COLUMNS"
Defaults env_keep += "LSCOLORS"
Defaults env_keep += "SSH_AUTH_SOCK"
Defaults env_keep += "TZ"
Defaults env_keep += "DISPLAY XAUTHORIZATION XAUTHORITY"
Defaults env_keep += "EDITOR VISUAL"
Defaults env_keep += "HOME MAIL"
#User privilege specification
root ALL=(ALL) ALL
%admin ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now
5 个解决方案
#1
28
You can use sudo:
您可以使用sudo:
exec("sudo /your/script");
You should allow executing your script without password prompt. Run sudo visudo in console and add the following string to the end:
您应该允许在没有密码提示的情况下执行脚本。在控制台运行sudo visudo,并在末尾添加以下字符串:
nobody ALL = NOPASSWD: /your/script
You must set up file mode properly to ensure that no one can modify this script and put dangerous contents into it (in root console):
您必须正确设置文件模式,以确保没有人可以修改这个脚本并将危险的内容放入它(在根控制台中):
chown root:root /your/script
chmod 755 /your/script
#2
1
You can make a program which is set-uid root. This causes the program to always run as root. This doesn't work with shell scripts, so you have to use a program which calls your script.
您可以创建一个程序,它是set-uid根。这导致程序总是作为根用户运行。这对shell脚本不起作用,所以必须使用一个调用脚本的程序。
#3
0
Under Linux you normally do this using sudo. Try to be as specific as possible, so not to give the script too many permissions.
在Linux下,您通常使用sudo实现这一点。尽量做到具体,以免给脚本太多的权限。
For examples on how to use sudo: http://aplawrence.com/Basics/sudo.html
有关如何使用sudo的示例:http://aplawrence.com/Basics/sudo.html
#4
0
I would add a specific rule to allow this script to be called by nobody user, using sudo.
我将添加一个特定的规则,允许没有用户使用sudo调用此脚本。
#5
0
I recently published a project that allows PHP to obtain and interact with a real Bash shell (as user: apache/www-data or root if needed). Get it here: https://github.com/merlinthemagic/MTS
我最近发布了一个项目,该项目允许PHP获得一个真正的Bash shell并与之交互(如果需要,可以作为用户:apache/www-data或root)。在这里得到:https://github.com/merlinthemagic/MTS
After downloading you would simply use the following code:
下载后,您只需使用以下代码:
$shell = \MTS\Factories::getDevices()->getLocalHost()->getShell('bash', true);
$return1 = $shell->exeCmd('/full/path/to/script.sh');
#1
28
You can use sudo:
您可以使用sudo:
exec("sudo /your/script");
You should allow executing your script without password prompt. Run sudo visudo in console and add the following string to the end:
您应该允许在没有密码提示的情况下执行脚本。在控制台运行sudo visudo,并在末尾添加以下字符串:
nobody ALL = NOPASSWD: /your/script
You must set up file mode properly to ensure that no one can modify this script and put dangerous contents into it (in root console):
您必须正确设置文件模式,以确保没有人可以修改这个脚本并将危险的内容放入它(在根控制台中):
chown root:root /your/script
chmod 755 /your/script
#2
1
You can make a program which is set-uid root. This causes the program to always run as root. This doesn't work with shell scripts, so you have to use a program which calls your script.
您可以创建一个程序,它是set-uid根。这导致程序总是作为根用户运行。这对shell脚本不起作用,所以必须使用一个调用脚本的程序。
#3
0
Under Linux you normally do this using sudo. Try to be as specific as possible, so not to give the script too many permissions.
在Linux下,您通常使用sudo实现这一点。尽量做到具体,以免给脚本太多的权限。
For examples on how to use sudo: http://aplawrence.com/Basics/sudo.html
有关如何使用sudo的示例:http://aplawrence.com/Basics/sudo.html
#4
0
I would add a specific rule to allow this script to be called by nobody user, using sudo.
我将添加一个特定的规则,允许没有用户使用sudo调用此脚本。
#5
0
I recently published a project that allows PHP to obtain and interact with a real Bash shell (as user: apache/www-data or root if needed). Get it here: https://github.com/merlinthemagic/MTS
我最近发布了一个项目,该项目允许PHP获得一个真正的Bash shell并与之交互(如果需要,可以作为用户:apache/www-data或root)。在这里得到:https://github.com/merlinthemagic/MTS
After downloading you would simply use the following code:
下载后,您只需使用以下代码:
$shell = \MTS\Factories::getDevices()->getLocalHost()->getShell('bash', true);
$return1 = $shell->exeCmd('/full/path/to/script.sh');