• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 831
  • Last Modified:

Restart httpd and named via PHP (without suexec/as nobody)

I need to restart both BIND and Apache from a PHP script that's running as nobody.  The following two lines don't work:

echo `/usr/sbin/httpd restart`;
echo `/etc/rc.d/init.d/named restart`;

Anyone?
0
inxil
Asked:
inxil
  • 3
  • 2
2 Solutions
 
inxilAuthor Commented:
OK, so I came up with a solution that I think is about as good as it's going to get.  First I updated my sudoers file and added the following:

nobody ALL=(ALL) NOPASSWD: /etc/rc.d/init.d/named reload
nobody ALL=(ALL) NOPASSWD: /usr/sbin/httpd graceful

Then I updated my PHP script accordingly:

echo `sudo /usr/sbin/httpd graceful`;
echo `sudo /etc/rc.d/init.d/named reload`;

This means that the user nobody can gracefully restart apache and reload BIND's database, which is somewhat insecure, but is acceptable.  Does anyone have a better solution?
0
 
hernst42Commented:
Yup using sudo is the correct way to do such things
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Aamir SaeedCommented:
You need root to do that. No two ways about it sorry.

Why would you want to restart Apache? Most httpds i know have an option that allows you to reload (meaning: keep running, but reload the configuration file).

I have even more troubble seeing why you would want to restart Bind. Checkout the remote name daemon control (rndc).
0
 
inxilAuthor Commented:
I feel like I answered the question myself...
0
 
inxilAuthor Commented:
I don't mind giving the points to hernst42 and i_m_aamir, but to those of you looking for a similar solution--the method I described works quite well.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now