DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 24th February 2010
mehaj mehaj is offline
Port Guard
 
Join Date: Feb 2010
Posts: 17
Thanked 0 Times in 0 Posts
Default Apache

hi all,
I'm calling perl script from php code;some commands in the script need root user to be executed but i’m 'www' user.
For having root privilege i’ve modify the sudoers file ( incomment the line %wheel ALL=(ALL) NOPASSWD:ALL) and i’ve added the user 'www' to the group ‘wheel’
and next i've called the command but without success
PHP Code:
 exec("sudo perl /var/www/htdocs/msg.pl $tel $message "); 
Please, what am I doing wrong or what Have I left undone.
thank you in advance
Reply With Quote
  #2   (View Single Post)  
Old 24th February 2010
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 337
Thanked 32 Times in 30 Posts
Default

Exact same discussion: http://forums.freebsd.org/showthread.php?t=11510
It's FreeBSD, but the same things apply: shell, path, homedir, etc.
Reply With Quote
  #3   (View Single Post)  
Old 24th February 2010
mehaj mehaj is offline
Port Guard
 
Join Date: Feb 2010
Posts: 17
Thanked 0 Times in 0 Posts
Default

Thanks a lot DutchDaemon, i follow the instruction step by step.
i've started by given to 'www' shell but when i execute the command
Code:
sudo -vi /etc/sudoers
i have this error (the same error when i' m www and when i'm root )
Code:
sudo: /etc/sudoers is mode 0644, should be 0440
sudo: no valid sudoers sources found, quitting
should i change permissions!!
Reply With Quote
  #4   (View Single Post)  
Old 24th February 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,071
Thanked 198 Times in 156 Posts
Default

You get an error the mode should be 0440, but that it currently is 0644. So yes, you should change permissions.
You can not edit the sudoers file as the www user, you need to be root.

Also, which OS are you using? FreeBSD or OpenBSD? There are some differences in the default Apache configuration (Most notably OpenBSD uses chroot by default), so if you are using OpenBSD remember this when reading the link DutchDaemon posted.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #5   (View Single Post)  
Old 25th February 2010
mehaj mehaj is offline
Port Guard
 
Join Date: Feb 2010
Posts: 17
Thanked 0 Times in 0 Posts
Default

DutchDaemon,Carpetsmoker really,thank's a lot,You Have Been a Great Help!!!
I spent long time on this, first to understand that i have to dechroot apache in order to execute my perl script and second to give www root privilege.
Reply With Quote
  #6   (View Single Post)  
Old 25th February 2010
mehaj mehaj is offline
Port Guard
 
Join Date: Feb 2010
Posts: 17
Thanked 0 Times in 0 Posts
Default

Moderator,
I'm working on openbsd not Freebsd.
Reply With Quote
  #7   (View Single Post)  
Old 25th February 2010
mehaj mehaj is offline
Port Guard
 
Join Date: Feb 2010
Posts: 17
Thanked 0 Times in 0 Posts
Default

one other question please, in my suddoers file i have:

Code:
# User privilege specification
root    ALL=(ALL) SETENV: ALL
www     ALL=(ALL) NOPASSWD: ALL
when i want to specify the task for 'www' ,no answer
Code:
# User privilege specification
root    ALL=(ALL) SETENV: ALL
www     ALL=NOPASSWD: var/www/htdocs/msg.pl
my php code:
PHP Code:
<?php
    $tel 
$_POST['Tel'] ;
    
$message $_POST['message'] ;
    print 
$tel;
    print 
$message;    
    
$outpout exec("sudo perl /var/www/htdocs/msg.pl $tel $message");
    print (
$outpout);
    
?>
any idea !
Reply With Quote
  #8   (View Single Post)  
Old 25th February 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,071
Thanked 198 Times in 156 Posts
Default

Why the need for sudo? Can't you solve the problem in a simpler/better way? What is so special about msg.pl that it needs to be run with sudo?

Quote:
I'm working on openbsd not Freebsd.
Yeah, there was some confusion on this. I moved the thread back to OpenBSD, sorry for the inconvenience.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #9   (View Single Post)  
Old 25th February 2010
mehaj mehaj is offline
Port Guard
 
Join Date: Feb 2010
Posts: 17
Thanked 0 Times in 0 Posts
Default

in msg.pl i try to connect to a gsm, this connection needs root privilege, given 'www' user root privilege is first thing that crossed my mind.
Reply With Quote
Old 25th February 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,071
Thanked 198 Times in 156 Posts
Default

Well, I would write a simple server which opens a socket, run that as root, and then connect to it with your PHP app.
This way you can keep your server chrooted, and also solved all the complexity problems with sudo and whatnot.

I once wrote something similar with Python, I would post it as an example/guide but I can't seem to find it right now But this is a fairly common method of doing this sort of stuff so you should be able to find plenty of documentation/examples.

I haven't used sudo in years, so I have little help to offer with that.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
Old 4th March 2010
mehaj mehaj is offline
Port Guard
 
Join Date: Feb 2010
Posts: 17
Thanked 0 Times in 0 Posts
Default

thank you Carpersmorker,i'll try to do it.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache 2.2.14 and PHP mgreen NetBSD Package System (pkgsrc) 0 27th January 2010 11:06 AM
PHP 5.2.6 and Apache 1.3 dialeight OpenBSD Packages and Ports 1 15th June 2009 03:04 AM
Upgrade Apache 1.3 mod_ssl to Apache 2.2 beandip FreeBSD Ports and Packages 11 26th March 2009 09:12 PM
Apache & PHP themaster FreeBSD General 2 14th June 2008 05:49 PM
Apache SSL mike171562 FreeBSD General 0 5th May 2008 09:41 PM


All times are GMT. The time now is 08:44 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick