Solved

Running a shell script from PHP

Posted on 2004-08-10
26
355 Views
Last Modified: 2008-03-10
I would like to be able to restart my linux teamspeak server if it goes down by clicking a link on my webpage.

What would i need to code to make this happen. Or is it possible? I have read on here about others attempting to excute shell scripts simialrly but failing due to permissions.

What I got so far is this

<?php

$sys = `exec /pathtomytss2_rc2directory/teamspeak2-server_startscript start`;

?>

what i would like to have is something that would allow me to send "start, stop, restart" as variable to the script.

Steve.
0
Comment
Question by:sgwillett
  • 14
  • 8
  • 2
  • +2
26 Comments
 
LVL 25

Expert Comment

by:Marcus Bointon
ID: 11761071
You'd need to have a script that runs setuid for privilege escalation - typically only root has the ability to reboot. This should help you set it up:

http://neworder.box.sk/newsread_print.php?newsid=2380
0
 

Author Comment

by:sgwillett
ID: 11761343
I don't want to reboot the machine just restart the TS server app.
0
 

Expert Comment

by:goose95
ID: 11762015
try this :


<?php

shell_exec("/pathtomytss2_rc2directory/teamspeak2-server_startscript" . $_GET["action"]);

?>



if your script is call "teamspeak.php" :
- start with a link to teamspeak.php?action=start
- stop with a link to teamspeak.php?action=stop
- restart with a link to teamspeak.php?action=restart
0
 

Author Comment

by:sgwillett
ID: 11762651
I guess I'm having some ownership issues.. The php you supplied above gives no errors but it doesnt do anything. hmm..
0
 
LVL 25

Expert Comment

by:Marcus Bointon
ID: 11762759
ok, but the same technique still applies (and it's why the last suggestion doesn't work) - it's just running a program you don't normally have access to - what it actually does is irrelevant. You'll need to setuid the start script to a user that has sufficient privs to run it. You may prefer to make a special copy that you only use to access from the web server and only give the web server execute access to it. Incidentally, the suggested line:

/pathtomytss2_rc2directory/teamspeak2-server_startscript" . $_GET["action"]

has a glaring security hole - you can append as many commands as you like to that command, many of which could cause you serious trouble. You should match exact submitted values and map them to fixed commands - NEVER pass through unchecked strings to a command line.
0
 

Author Comment

by:sgwillett
ID: 11762833
if the values are start stop restart how would I check for them.

and I can't see your site for the setuid because work has it blocked...
0
 

Author Comment

by:sgwillett
ID: 11762939
Here is what I would like..

To avoid security issues. and to keep my webhost from panic.

I would like a php script that writes to a file a value "null,1,2, or 3"

and I'll have a cron job that looks every few minutes for the value if its 1, 2, or 3 it will fire off the script with an "action" related to the value then it will clear the file back to null.

any takers?
0
 
LVL 5

Accepted Solution

by:
TheClickMaster earned 250 total points
ID: 11766764
This script will only take null, 1, 2 or 3
I guess you already have the cronjob, otherwise tell me and I'll do it too.
Set permissions of the file "file.txt" to 755 or 777 depending on your settings.

<?php
     if ( $_GET["action"] == "null" ||
          $_GET["action"] == "1"    ||
          $_GET["action"] == "2"    ||
          $_GET["action"] == "3"    )
     {
          if($handle = fopen("./file.txt","w"))
          {
               if(fwrite($handle, $_GET["action"]))
               {
                    echo "Saved ".$_GET["action"]." to file";
               }
               else
               {
                    echo "Could not write to file";
               }
          }
          else
          {
               echo "Could not open the file";
          }
     }
     else
     {
          echo "Invalid action!";
     }
?>
0
 

Author Comment

by:sgwillett
ID: 11766904
Sure go ahead and make the cron..

It needs to blank the file after it checks it though.  So it doesn't keep seeing the same value.


steve.
0
 

Author Comment

by:sgwillett
ID: 11785745
any luck with the cron script?
0
 
LVL 1

Expert Comment

by:bobbyo
ID: 11791170
What you can also do is allow the script to run as root by setting the setuid bit.

You can do this by running the following command:

chmod +s /pathtomytss2_rc2directory/teamspeak2-server_startscript

Make sure the file is owned by root, and when the command is executed is will be executed as root.
0
 
LVL 25

Expert Comment

by:Marcus Bointon
ID: 11791398
Hey, I've got a great idea, how about using setuid??? I can't believe no-one thought of it before!!!

I guess you missed the first post. setuid can be dangerous (which is why I posted the guide rather than the instruction), and may not be possible on a shared host. The thread on cron is a good alternative, and may be the best solution in this case.
0
 
LVL 1

Expert Comment

by:bobbyo
ID: 11791417
Sorry dude, I did not even see your post. jumped over it cause of the advertising :)
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:sgwillett
ID: 11792146
Yeah the cron thread is what will work. I Cannot setuid on my server.

Now I do need the cron script that will look for the values in that file and start, stop or restart my TS server.

Im not good at scripting..
0
 
LVL 25

Expert Comment

by:Marcus Bointon
ID: 11792261
<?php
$config = './file.txt'; //Adjust this to wherever your file is stored - see TheClickMaster's script.
$command = file_get_contents($config);
switch ($command) {
  case 'null':
    exit; //Nothing to do
  case '0':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript start');
    break;
  case '2':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript stop');
    break;
  case '3':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript restart');
    break;
}
?>

I've used system() specifically to allow feedback from the commands to be seen - cron will usually email the output of the commands back to the crontab owner, but only if there is any. Backticks will also work (as per original), but system() keeps it 'in-house' as far as PHP is concerned.
0
 
LVL 25

Assisted Solution

by:Marcus Bointon
Marcus Bointon earned 250 total points
ID: 11792269
oops messed up the command numbering!

<?php
$config = './file.txt'; //Adjust this to wherever your file is stored - see TheClickMaster's script.
$command = file_get_contents($config);
switch ($command) {
  case 'null':
    exit; //Nothing to do
  case '1':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript start');
    break;
  case '2':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript stop');
    break;
  case '3':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript restart');
    break;
}
?>
0
 

Author Comment

by:sgwillett
ID: 11793853
What should I add to clear the file contents back to null after its checked. to prevent the script from seeing the same value over and over.
0
 
LVL 25

Expert Comment

by:Marcus Bointon
ID: 11794331
<?php
$config = './file.txt'; //Adjust this to wherever your file is stored - see TheClickMaster's script.
$command = file_get_contents($config);
$clear = false;
switch ($command) {
      case 'null':
            exit; //Nothing to do
      case '1':
            system('/pathtomytss2_rc2directory/teamspeak2-server_startscript start');
            $clear = true;
            break;
      case '2':
            system('/pathtomytss2_rc2directory/teamspeak2-server_startscript stop');
            $clear = true;
            break;
      case '3':
            system('/pathtomytss2_rc2directory/teamspeak2-server_startscript restart');
            $clear = true;
            break;
}
if ($clear) {
      if($handle = fopen($config, 'w')) {
            fwrite($handle, 'null');
            fclose($handle);
      } else {
            echo "Failed to open $config\n";
      }
}
?>
0
 

Author Comment

by:sgwillett
ID: 11794407
Its not writing null with that code..

and. how do i run a .php file from cron or a shell? its givening me errors.

?php: No such file or directory
 unexpected EOF while looking for match `''
synatx error: unexpected end of file
0
 

Author Comment

by:sgwillett
ID: 11794471
NM I figured it out.. lol learn to read the whole code...

thanks..

now about that runing php as cron bit...
0
 

Author Comment

by:sgwillett
ID: 11794608
damn it its not writing null..

after i figured out how to get php to run from the shell I ran it and it starts, stops etc.. but it wont write null to the file.

0
 
LVL 25

Expert Comment

by:Marcus Bointon
ID: 11794625
Edit the cron file for root:

crontab -e -u root

Add this line

0 * * * /usr/local/bin/php /path/to/your/script.php

This will run the script every hour, on the hour.
0
 

Author Comment

by:sgwillett
ID: 11794661
I don't get it.. when I run it from my ZDE it works. but from the linux prompt no null
0
 
LVL 25

Expert Comment

by:Marcus Bointon
ID: 11794671
Are you running it as your own user, or as root? When running from cron (which will be root), you should make sure that the config file is writable by the web server, so you may need to explicitly set user, group and mode on it after you've recreated the file. Check out umask, chmod, chown commands.
0
 

Author Comment

by:sgwillett
ID: 11794700
SOB... i figured it out... Typo... lol Thanks..
0
 

Author Comment

by:sgwillett
ID: 11796080
Just to finalise this topic..

I added an .htaccess to the directory my TS scripts are called from to keep unwanted people from figuring out the link and screwing with my TSserver.

steve
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now