Solved

How to execute commands in php under apache

Posted on 2004-04-18
Last Modified: 2010-03-04
Hello.

I am trying to make my daily work a little bit easier. I am trying to automate some things that I do every day and started looking for a way with php+apache. The problem is that apache runs under the apache user and group, and anything I try to execute on the server is executed by the user apache. So I won't be able, for example, to create a directory.

I know apache has a mkdir function or something like that, but I just gave you the "create directory" as an example; what I need to execute are a lot of commands. I will even need to restart daemons like named, httpd or mysql.

I tried a lot of ways, but all php code is being executed as the apache user.

Any help will be appreciated.

Thanks
Pablo
Question by:parturi
LVL 10

Expert Comment

by:Mercantilum
ID: 10856464
There is no easy way - some cgi wrappers are available, I would do mine (see below)
- php has to be called from cgi
- the small wrapper will actually execute your php script

1. make this small c program called cgiwrapper.c
To get the user id of php for instance, do
grep php /etc/passwd
This is the first number, e.g.
php:x:123:...
Below uid_for_php would be 123

-------------
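#include <stdio.h>
#include <unistd.h>
#define uid_for_php 123          /* example uid from above; use your own */
char *prog = "pathtoyourphp";    /* full path of the program to run */
int main(int argc, char **argv)
{
   argv[0] = prog;
   if (setuid(uid_for_php) != 0) {   /* do not continue if the uid switch failed */
      perror("setuid");
      return 1;
   }
   execv(*argv, argv);
   perror("execv");                  /* only reached if execv failed */
   return 1;
}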
-------------

2. compile and set attributes as root (cgiwrapper should be either in your cgi-bin dir (called by apache directly) or called by your actual apache cgi)

# you are root...
gcc -O2 cgiwrapper.c -o cgiwrapper
# just in case
chown root cgiwrapper
# set the setuid bit
chmod 4755 cgiwrapper

When cgiwrapper is called, user becomes uid_for_php and it calls 'prog' giving the arguments initially given to cgiwrapper.

3. to test your wrapper

# Put something like '/bin/bash' in 'prog' in your .c program (replace pathtoyourphp)
# recompile , set access rights as 2. above
# just be yourself :)  (under your own id, eg. parturi)
# do
./cgiwrapper
# you should have opened a new bash ... do
id
# you should see your php id (123) for "uid="

After the test, update your cgiwrapper.c again with the actual php program/script to be run in 'prog', and step 2. again


Some people don't like much to have a setuid-program... this one is very simple and short.
The worst that could happen is executing something as 'php' user... not worse than with 'apache' user ;-)
0
 
LVL 6

Expert Comment

by:philjones85
ID: 10861660
you could give the user "apache" root access - probably not a good idea, but would work

or you could give "777" permission to whatever folders that "apache" needs to modify/work in

another thing you might consider trying is running an expect script, have the script log in as a higher priority user, perform whatever commands need to be performed, then log out.
0
 
LVL 1

Author Comment

by:parturi
ID: 10862424
Thanks for answering guys!

philjones85, I don't want 777 permissions on whatever folder is going to be modified. And giving apache root access is extremely dangerous, and even if I want to do that, I have to recompile apache, by default apache won't let you do that. The other suggestion, I don't understand, I am very new at linux-apache.

Mercantilum, I have a couple of questions regarding your option (which I think it could be a solution) if I understood well what it does.

>> - php has to be called from cgi

Suppose I do a form. It means I will have to set the action to the cgi, and set the cgi to call the php page?

>>1. make this small c program called cgiwrapper.c
>>To get the user id of php for instance, do
>>grep php /etc/passwd
>>This is the first number, e.g.
>>php:x:123:...
>>Below uid_for_php would be 123

is it the same uid as if I type the command "id root"? because I don't have the user php in /etc/passwd, I just used that file to add protected web directories.

uid_for_php which you set it in the example as 123, it must be the uid for root in order to execute commands as root?

This script will take arguments and pass them to the php page? which one will be executed with the uid I set?

Sorry if I ask stupid questions, but I can't understand very well "concepts" yet, I am coming from a windows environment, so.. understand me :))

based on the effort, I will give you more points.

Thank you very much!
Pablo
0
 
LVL 10

Accepted Solution

by:
Mercantilum earned 2000 total points
ID: 10862623
a) CGI/PHP : many people put PHP directly in /cgi-bin/ .

In our case we don't have to do that.
Usual cgi calls:
   http://myserver.com/cgi-bin/php?myform.php
Your server call
   http://myserver.com/cgi-bin/cgiwrapper?myform.php
[maybe cgiwrapper could be renamed as a more anonymous name :)]

b) uid

Yes, you can put 0 instead of 123 to get root executing the cgiwrapper.
Actually you could seize the opportunity of this cgiwrapper to do more than calling php (calling a bash or perl script, which calls php after)
Yes, id <user> gives the id, for root it is always 0.
You don't have a user 'php', so take another user or root, do " id user" to get its userid (0 for root).

Yes the script will take the exact same arguments as the one you would have passed to the http://..../php?arg1&arg2 ...

Everything executed with cgiwrapper will have the user id you set in place of uid_for_php.
So if you put 0 (zero) for the call setuid(0), everything will be executed as root.
Try if possible to use another user, as, even if the risk is not that high, it is always dangerous to have a " root " process started from outside... (even if it's only php)

**Some technical things about uid and setuid (linux or unix)
- each user has a number associated to him. do
     cat /etc/passwd
   to see a list of users, you have root:x:uid:gid:...
- the uid 0 is always for root, it gives the system admin rights - can do anything!
- setuid is a special set of an executable access rights allowing during its execution to be someone else
   e.g. you are  'parturi'
   create the cgiwrapper which run another command as defined above, compile it
   do
      ls -l cgiwrapper
    you will see something like
       -rwxr-xr-x    1 parturi     users         1755 Apr  4 12:00 cgiwrapper
     the first rwx is the read write exec for the owner (parturi)
     the 2nd one r-x  is read exec (not write) ok for the group (users)
     3rd one r-x is read exec for all others (not parturi and not group users)
     as 'root' (#) if you do the following:
         chown root cgiwrapper
         chmod 4755 cgiwrapper
         ls -l
     you see some changes:
       -rwsr-xr-x    1 root     users         1755 Apr  4 12:00 cgiwrapper
     rws instead of rwx, and owner is root (not parturi)
     that means that when executed, cgiwrapper can potentially become any user, using setuid(userid)...
 
windows : I understand you :) I'd be glad to help you to like your new linux/unix environment!
0
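A more restrictive variant of the wrapper discussed in the answers above, added here as an example and not written by any poster in this thread. The thread's wrapper forwards its arguments to the target program, and the accepted answer notes that with uid 0 everything runs as root; this version accepts only an action name from a fixed list, drops group and user privileges with the result checked, and starts the command with a clean environment. The action names, command paths and the RUN_UID/RUN_GID values are assumptions.

```c
#define _DEFAULT_SOURCE   /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumptions: a dedicated non-root account with uid/gid 123 (the thread's example value). */
#define RUN_UID 123
#define RUN_GID 123

struct action { const char *name; char *const argv[4]; };

/* Fixed allowlist (constructed): the caller picks a name, never a program or its arguments. */
static const struct action ACTIONS[] = {
    { "reload-named",    { "/usr/sbin/rndc", "reload", NULL } },
    { "make-upload-dir", { "/bin/mkdir", "-p", "/var/www/uploads", NULL } },
};

/* Return the fixed argv for an exact name match, or NULL for anything else. */
char *const *lookup_action(const char *name)
{
    if (name == NULL) return NULL;
    for (size_t i = 0; i < sizeof ACTIONS / sizeof ACTIONS[0]; i++)
        if (strcmp(name, ACTIONS[i].name) == 0)
            return ACTIONS[i].argv;
    return NULL;
}

/* Drop supplementary groups, then gid, then uid, and confirm root cannot be regained. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    if (uid != 0 && setuid(0) == 0) return -1;
    return 0;
}

int main(int argc, char **argv)
{
    static char *const clean_env[] = { "PATH=/usr/sbin:/usr/bin:/sbin:/bin", NULL };
    char *const *cmd = (argc == 2) ? lookup_action(argv[1]) : NULL;
    if (cmd == NULL) { fprintf(stderr, "unknown action\n"); return 2; }
    if (drop_privileges(RUN_UID, RUN_GID) != 0) { perror("drop_privileges"); return 1; }
    execve(cmd[0], cmd, clean_env);   /* the caller's environment is not inherited */
    perror("execve");
    return 1;
}
```

The listed commands only succeed if the RUN_UID account is itself permitted to run them, so each action needs its own file or key permissions granted to that account.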
 
LVL 1

Author Comment

by:parturi
ID: 10862842
Mercantilum, I told you I would give you more points. When I closed the question, I wasn't able to do it. I am going to ask some more things here! Thanks again
0
