Solved

Restart httpd and named via PHP (without suexec/as nobody)

Posted on 2006-11-09
8
810 Views
Last Modified: 2010-05-18
I need to restart both BIND and Apache from a PHP script that's running as nobody.  The following two lines don't work:

echo `/usr/sbin/httpd restart`;
echo `/etc/rc.d/init.d/named restart`;

Anyone?
0
Comment
Question by:inxil
  • 3
  • 2
8 Comments
 
LVL 14

Expert Comment

by:Aamir Saeed
ID: 17909518
0
 
LVL 7

Author Comment

by:inxil
ID: 17909559
OK, so I came up with a solution that I think is about as good as it's going to get.  First I updated my sudoers file and added the following:

nobody ALL=(ALL) NOPASSWD: /etc/rc.d/init.d/named reload
nobody ALL=(ALL) NOPASSWD: /usr/sbin/httpd graceful

Then I updated my PHP script accordingly:

echo `sudo /usr/sbin/httpd graceful`;
echo `sudo /etc/rc.d/init.d/named reload`;

This means that the user nobody can gracefully restart apache and reload BIND's database, which is somewhat insecure, but is acceptable.  Does anyone have a better solution?
0
 
LVL 48

Accepted Solution

by:
hernst42 earned 250 total points
ID: 17912792
Yup using sudo is the correct way to do such things
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 14

Assisted Solution

by:Aamir Saeed
Aamir Saeed earned 250 total points
ID: 17913801
You need root to do that. No two ways about it sorry.

Why would you want to restart Apache? Most httpds i know have an option that allows you to reload (meaning: keep running, but reload the configuration file).

I have even more troubble seeing why you would want to restart Bind. Checkout the remote name daemon control (rndc).
0
 
LVL 7

Author Comment

by:inxil
ID: 18197223
I feel like I answered the question myself...
0
 
LVL 7

Author Comment

by:inxil
ID: 18212516
I don't mind giving the points to hernst42 and i_m_aamir, but to those of you looking for a similar solution--the method I described works quite well.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question