Link to home
Create AccountLog in
Avatar of fixitben

asked on

run command on linux

What I am wanting to do is run a local command as a user on a linux machine.

Basically the user will input there username and password in a form on a linux server.  Then my code will execute a command as them.

Has anybody done this.  The server is internal and never sees the outside.

Avatar of glcummins
Flag of United States of America image

>> The server is internal and never sees the outside.

I assume this means that you want to run commands on a box that is different from the webserver box. In this case, you should use SSH.

First, you will need to setup the users on the remote box, and ensure that you can log into their accounts via SSH.

Second, you will need to create keys for each user, and place the public key in the .ssh/authorized_keys file in each user's directory on the remote box. This will allow each user to login via SSH from the webserver box to the remote box without a password.

Next, try a test command. For example:

   ssh user@remotebox 'df -h'

This will log into the remote box as the user 'user' and execute the command 'df -h'.

Finally, all that is left is to create a script that will execute the command for you. Take a look at the manual page for exec() here: exec() will allow you to execute the ssh command on the webserver box that will log into the remote box as desired.
Avatar of fixitben


NO Actually it will be the same server.  I just need to do the commands as the user.

Also do you have any good sites on the Second point.
Can I create a default key for all users?  And copy that to everyones directory.

You will use the ssh-keygen utility to create your keys. You will run that command as the webserver user, and copy it into the .ssh/authorized_keys file in each user's home directory.

Even if you will be running the commands on the same server, if running as a specific user is a requirement, you will probably still want to use SSH. The only difference is that, instead of logging onto a remote server, you will log back onto the same box. Try it from the command line to make sure it works for you (it should with most configurations).
Here's a good site to get you started on created the keys:
How would you generate the key as apache?

First, edit the /etc/passwd file to give the apache user a login shell (something like /bin/bash). This will allow you to log into the box on the command line as 'apache.' Next, as root, use the 'su' command to become 'apache':

  su - apache

You will now be logged in as apache. Run the ssh-keygen command, and your public and private key pair will be created.
Copy the contents of the public key into the appropriate .ssh/authorized_keys files.
Change /etc/passwd back so that apache no longer has shell access.
This is what I did and it still asks for  a password.
Do you have  any ideas on what I am doing wrong?

[root@mae1 ~]# su - apache
-bash-3.00$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/var/www/.ssh/id_rsa):
/var/www/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/www/.ssh/id_rsa.
Your public key has been saved in /var/www/.ssh/
The key fingerprint is:
-bash-3.00$ cat .ssh/ > .ssh/authorized_keys
-bash-3.00$ ssh apache@mae1
apache@mae1's password:

Avatar of glcummins
Flag of United States of America image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
I still didn't get it to work properly, but I have moved on to other things now.  Thanks for your help.