Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 708
  • Last Modified:

run command on linux

What I am wanting to do is run a local command as a user on a linux machine.

Basically the user will input there username and password in a form on a linux server.  Then my code will execute a command as them.

Has anybody done this.  The server is internal and never sees the outside.

Thanks
Fixitben
0
fixitben
Asked:
fixitben
  • 5
  • 4
1 Solution
 
glcumminsCommented:
>> The server is internal and never sees the outside.

I assume this means that you want to run commands on a box that is different from the webserver box. In this case, you should use SSH.

First, you will need to setup the users on the remote box, and ensure that you can log into their accounts via SSH.

Second, you will need to create keys for each user, and place the public key in the .ssh/authorized_keys file in each user's directory on the remote box. This will allow each user to login via SSH from the webserver box to the remote box without a password.

Next, try a test command. For example:

   ssh user@remotebox 'df -h'

This will log into the remote box as the user 'user' and execute the command 'df -h'.

Finally, all that is left is to create a script that will execute the command for you. Take a look at the manual page for exec() here: http://www.php.net/manual/en/function.exec.php. exec() will allow you to execute the ssh command on the webserver box that will log into the remote box as desired.
0
 
fixitbenAuthor Commented:
NO Actually it will be the same server.  I just need to do the commands as the user.

Also do you have any good sites on the Second point.
Can I create a default key for all users?  And copy that to everyones directory.

Thanks
Fixitben
0
 
glcumminsCommented:
You will use the ssh-keygen utility to create your keys. You will run that command as the webserver user, and copy it into the .ssh/authorized_keys file in each user's home directory.

Even if you will be running the commands on the same server, if running as a specific user is a requirement, you will probably still want to use SSH. The only difference is that, instead of logging onto a remote server, you will log back onto the same box. Try it from the command line to make sure it works for you (it should with most configurations).
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
glcumminsCommented:
Here's a good site to get you started on created the keys:

http://suso.org/docs/shell/ssh.sdf
0
 
fixitbenAuthor Commented:
How would you generate the key as apache?

Thanks
Fixitben
0
 
glcumminsCommented:
First, edit the /etc/passwd file to give the apache user a login shell (something like /bin/bash). This will allow you to log into the box on the command line as 'apache.' Next, as root, use the 'su' command to become 'apache':

  su - apache

You will now be logged in as apache. Run the ssh-keygen command, and your public and private key pair will be created.
Copy the contents of the public key into the appropriate .ssh/authorized_keys files.
Change /etc/passwd back so that apache no longer has shell access.
0
 
fixitbenAuthor Commented:
This is what I did and it still asks for  a password.
Do you have  any ideas on what I am doing wrong?

[root@mae1 ~]# su - apache
-bash-3.00$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/var/www/.ssh/id_rsa):
/var/www/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/www/.ssh/id_rsa.
Your public key has been saved in /var/www/.ssh/id_rsa.pub.
The key fingerprint is:
xx:xx:xx:xx:xx:xx:xx:xx:x:x:xx:xx:xx:xx:xx:xx apache@mae1.xxxxx.com
-bash-3.00$ cat .ssh/id_rsa.pub > .ssh/authorized_keys
-bash-3.00$ ssh apache@mae1
apache@mae1's password:


Thanks
Fixitben
0
 
glcumminsCommented:
What permissions do you have set on the .ssh directory and the authorized_keys file? If I remember correctly, .ssh needs to be 700, and authorized_keys needs to be 644.
0
 
fixitbenAuthor Commented:
I still didn't get it to work properly, but I have moved on to other things now.  Thanks for your help.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now