Solved

Running a shell script from PHP

Posted on 2004-08-10
26
354 Views
Last Modified: 2008-03-10
I would like to be able to restart my linux teamspeak server if it goes down by clicking a link on my webpage.

What would i need to code to make this happen. Or is it possible? I have read on here about others attempting to excute shell scripts simialrly but failing due to permissions.

What I got so far is this

<?php

$sys = `exec /pathtomytss2_rc2directory/teamspeak2-server_startscript start`;

?>

what i would like to have is something that would allow me to send "start, stop, restart" as variable to the script.

Steve.
0
Comment
Question by:sgwillett
  • 14
  • 8
  • 2
  • +2
26 Comments
 
LVL 25

Expert Comment

by:Squinky
Comment Utility
You'd need to have a script that runs setuid for privilege escalation - typically only root has the ability to reboot. This should help you set it up:

http://neworder.box.sk/newsread_print.php?newsid=2380
0
 

Author Comment

by:sgwillett
Comment Utility
I don't want to reboot the machine just restart the TS server app.
0
 

Expert Comment

by:goose95
Comment Utility
try this :


<?php

shell_exec("/pathtomytss2_rc2directory/teamspeak2-server_startscript" . $_GET["action"]);

?>



if your script is call "teamspeak.php" :
- start with a link to teamspeak.php?action=start
- stop with a link to teamspeak.php?action=stop
- restart with a link to teamspeak.php?action=restart
0
 

Author Comment

by:sgwillett
Comment Utility
I guess I'm having some ownership issues.. The php you supplied above gives no errors but it doesnt do anything. hmm..
0
 
LVL 25

Expert Comment

by:Squinky
Comment Utility
ok, but the same technique still applies (and it's why the last suggestion doesn't work) - it's just running a program you don't normally have access to - what it actually does is irrelevant. You'll need to setuid the start script to a user that has sufficient privs to run it. You may prefer to make a special copy that you only use to access from the web server and only give the web server execute access to it. Incidentally, the suggested line:

/pathtomytss2_rc2directory/teamspeak2-server_startscript" . $_GET["action"]

has a glaring security hole - you can append as many commands as you like to that command, many of which could cause you serious trouble. You should match exact submitted values and map them to fixed commands - NEVER pass through unchecked strings to a command line.
0
 

Author Comment

by:sgwillett
Comment Utility
if the values are start stop restart how would I check for them.

and I can't see your site for the setuid because work has it blocked...
0
 

Author Comment

by:sgwillett
Comment Utility
Here is what I would like..

To avoid security issues. and to keep my webhost from panic.

I would like a php script that writes to a file a value "null,1,2, or 3"

and I'll have a cron job that looks every few minutes for the value if its 1, 2, or 3 it will fire off the script with an "action" related to the value then it will clear the file back to null.

any takers?
0
 
LVL 5

Accepted Solution

by:
TheClickMaster earned 250 total points
Comment Utility
This script will only take null, 1, 2 or 3
I guess you already have the cronjob, otherwise tell me and I'll do it too.
Set permissions of the file "file.txt" to 755 or 777 depending on your settings.

<?php
     if ( $_GET["action"] == "null" ||
          $_GET["action"] == "1"    ||
          $_GET["action"] == "2"    ||
          $_GET["action"] == "3"    )
     {
          if($handle = fopen("./file.txt","w"))
          {
               if(fwrite($handle, $_GET["action"]))
               {
                    echo "Saved ".$_GET["action"]." to file";
               }
               else
               {
                    echo "Could not write to file";
               }
          }
          else
          {
               echo "Could not open the file";
          }
     }
     else
     {
          echo "Invalid action!";
     }
?>
0
 

Author Comment

by:sgwillett
Comment Utility
Sure go ahead and make the cron..

It needs to blank the file after it checks it though.  So it doesn't keep seeing the same value.


steve.
0
 

Author Comment

by:sgwillett
Comment Utility
any luck with the cron script?
0
 
LVL 1

Expert Comment

by:bobbyo
Comment Utility
What you can also do is allow the script to run as root by setting the setuid bit.

You can do this by running the following command:

chmod +s /pathtomytss2_rc2directory/teamspeak2-server_startscript

Make sure the file is owned by root, and when the command is executed is will be executed as root.
0
 
LVL 25

Expert Comment

by:Squinky
Comment Utility
Hey, I've got a great idea, how about using setuid??? I can't believe no-one thought of it before!!!

I guess you missed the first post. setuid can be dangerous (which is why I posted the guide rather than the instruction), and may not be possible on a shared host. The thread on cron is a good alternative, and may be the best solution in this case.
0
 
LVL 1

Expert Comment

by:bobbyo
Comment Utility
Sorry dude, I did not even see your post. jumped over it cause of the advertising :)
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:sgwillett
Comment Utility
Yeah the cron thread is what will work. I Cannot setuid on my server.

Now I do need the cron script that will look for the values in that file and start, stop or restart my TS server.

Im not good at scripting..
0
 
LVL 25

Expert Comment

by:Squinky
Comment Utility
<?php
$config = './file.txt'; //Adjust this to wherever your file is stored - see TheClickMaster's script.
$command = file_get_contents($config);
switch ($command) {
  case 'null':
    exit; //Nothing to do
  case '0':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript start');
    break;
  case '2':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript stop');
    break;
  case '3':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript restart');
    break;
}
?>

I've used system() specifically to allow feedback from the commands to be seen - cron will usually email the output of the commands back to the crontab owner, but only if there is any. Backticks will also work (as per original), but system() keeps it 'in-house' as far as PHP is concerned.
0
 
LVL 25

Assisted Solution

by:Squinky
Squinky earned 250 total points
Comment Utility
oops messed up the command numbering!

<?php
$config = './file.txt'; //Adjust this to wherever your file is stored - see TheClickMaster's script.
$command = file_get_contents($config);
switch ($command) {
  case 'null':
    exit; //Nothing to do
  case '1':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript start');
    break;
  case '2':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript stop');
    break;
  case '3':
    system('/pathtomytss2_rc2directory/teamspeak2-server_startscript restart');
    break;
}
?>
0
 

Author Comment

by:sgwillett
Comment Utility
What should I add to clear the file contents back to null after its checked. to prevent the script from seeing the same value over and over.
0
 
LVL 25

Expert Comment

by:Squinky
Comment Utility
<?php
$config = './file.txt'; //Adjust this to wherever your file is stored - see TheClickMaster's script.
$command = file_get_contents($config);
$clear = false;
switch ($command) {
      case 'null':
            exit; //Nothing to do
      case '1':
            system('/pathtomytss2_rc2directory/teamspeak2-server_startscript start');
            $clear = true;
            break;
      case '2':
            system('/pathtomytss2_rc2directory/teamspeak2-server_startscript stop');
            $clear = true;
            break;
      case '3':
            system('/pathtomytss2_rc2directory/teamspeak2-server_startscript restart');
            $clear = true;
            break;
}
if ($clear) {
      if($handle = fopen($config, 'w')) {
            fwrite($handle, 'null');
            fclose($handle);
      } else {
            echo "Failed to open $config\n";
      }
}
?>
0
 

Author Comment

by:sgwillett
Comment Utility
Its not writing null with that code..

and. how do i run a .php file from cron or a shell? its givening me errors.

?php: No such file or directory
 unexpected EOF while looking for match `''
synatx error: unexpected end of file
0
 

Author Comment

by:sgwillett
Comment Utility
NM I figured it out.. lol learn to read the whole code...

thanks..

now about that runing php as cron bit...
0
 

Author Comment

by:sgwillett
Comment Utility
damn it its not writing null..

after i figured out how to get php to run from the shell I ran it and it starts, stops etc.. but it wont write null to the file.

0
 
LVL 25

Expert Comment

by:Squinky
Comment Utility
Edit the cron file for root:

crontab -e -u root

Add this line

0 * * * /usr/local/bin/php /path/to/your/script.php

This will run the script every hour, on the hour.
0
 

Author Comment

by:sgwillett
Comment Utility
I don't get it.. when I run it from my ZDE it works. but from the linux prompt no null
0
 
LVL 25

Expert Comment

by:Squinky
Comment Utility
Are you running it as your own user, or as root? When running from cron (which will be root), you should make sure that the config file is writable by the web server, so you may need to explicitly set user, group and mode on it after you've recreated the file. Check out umask, chmod, chown commands.
0
 

Author Comment

by:sgwillett
Comment Utility
SOB... i figured it out... Typo... lol Thanks..
0
 

Author Comment

by:sgwillett
Comment Utility
Just to finalise this topic..

I added an .htaccess to the directory my TS scripts are called from to keep unwanted people from figuring out the link and screwing with my TSserver.

steve
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Router for PHP reqeusts 12 29
PHP Variable into a number 3 34
Send current WordPress page in a URL parameter 3 34
Php Array Diff 3 26
Both Easy and Powerful How easy is PHP? http://lmgtfy.com?q=how+easy+is+php (http://lmgtfy.com?q=how+easy+is+php)  Very easy.  It has been described as "a programming language even my grandmother can use." How powerful is PHP?  http://en.wikiped…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now