willsherwood
asked on
shell_exec grep command execution from PHP script
any thoughts on debugging the following script?
Note that:
- echo shell_exec(uptime); works fine
- echo "grep $SearchString /var/log/exim_mainlog"; displays the get param fine
- but the second echo as shown below displays nothing.
- this is executed from the base apache/htdocs directory
<html>
<HEAD>
<body>
<?
$SearchString = $_GET['s'];
echo shell_exec(uptime);
echo shell_exec("grep $SearchString /var/log/exim_mainlog");
?>
</body>
</HEAD>
Note that:
- echo shell_exec(uptime); works fine
- echo "grep $SearchString /var/log/exim_mainlog"; displays the get param fine
- but the second echo as shown below displays nothing.
- this is executed from the base apache/htdocs directory
<html>
<HEAD>
<body>
<?
$SearchString = $_GET['s'];
echo shell_exec(uptime);
echo shell_exec("grep $SearchString /var/log/exim_mainlog");
?>
</body>
</HEAD>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
A bit of an update on what I have tried:
I've re-written the command to surround the SearchString with single quotes but no luck. Also tried writing to redirect the output to a file but it won't write the output to the file at all. I then found a little piece of code on the php.net page for 'shell_exec' that shows how you can print out the exit status of commands run through shell_exec. Using that, I found that the command always returns '2', which according to
http://cisl.ucar.edu/mss/dcs4/current-html/exitcodes.html - is a retryable error
and
http://www.faqs.org/docs/abs/HTML/exitcodes.html#EXITCODESREF - which says a shell builtin was misused
However, I can take the grep command we're passing to shell_exec (both with and without the file redirect) and execute fine from the command line. I'm suspecting there is just something wrong in general with trying to execute a grep command using shell_exec, although I can't figure why it would. The only thing I could think of is possibly the output from grep is just too large, but I can't be sure. (but some of the search examples i'm trying return a small output)
let me know if i should enter this as a new question
I've re-written the command to surround the SearchString with single quotes but no luck. Also tried writing to redirect the output to a file but it won't write the output to the file at all. I then found a little piece of code on the php.net page for 'shell_exec' that shows how you can print out the exit status of commands run through shell_exec. Using that, I found that the command always returns '2', which according to
http://cisl.ucar.edu/mss/dcs4/current-html/exitcodes.html - is a retryable error
and
http://www.faqs.org/docs/abs/HTML/exitcodes.html#EXITCODESREF - which says a shell builtin was misused
However, I can take the grep command we're passing to shell_exec (both with and without the file redirect) and execute fine from the command line. I'm suspecting there is just something wrong in general with trying to execute a grep command using shell_exec, although I can't figure why it would. The only thing I could think of is possibly the output from grep is just too large, but I can't be sure. (but some of the search examples i'm trying return a small output)
let me know if i should enter this as a new question
I did some testing on a machine that didn't have the php exec restriction.
Both with SSH as php...
The first thing I noticed is that I didn't get output on php, when I did this command:
$SearchString = "blabla";
echo shell_exec("grep '".$SearchString."' /var/log/exim_mainlog");
In SSH it gave me the error that /var/log/exim_mainlog didn't exist.
So I tried another log file, I knew existed in there ;)
And this command worked in php:
$SearchString = "Installed";
echo shell_exec("grep '".$SearchString."' /var/log/yum.log");
The other command I posted has way more restrictions if you have open_base in place.
Because in php you're running the shell commands as admin, and admin can't create & write to files that ain't in the admins /home/admin folder ;)
So, to make it work I had did the following:
$SearchString = "Installed";
$write_to_file = "/home/admin/domains/.../p
$read_from_file = "http://..../output.txt"; /// Same file, but readable from your browser
shell_exec("grep '".$SearchString."' /var/log/yum.log >> ".$write_to_file);
echo file_get_contents($read_fr
Anyway, if you run the commands you need in SSH first, u get more info when there are errors ;)
Hope this helps you
If you can access the HTTP server logs, that's a good place to look for error messages related to this command. You are capturing the "standard" (i.e., normal) output of the command, but error output is going elsewhere.
A couple more thoughts:
1) Another way to see error output is to add "2>&1" to the end of your shell command (separated by a space). That will combine the error output into the regular output, so it should show up in the HTTP output.
2) Exit statuses are program-dependent, so you have to be clear on whose exit code you are seeing. You don't mention how you're obtaining the code - that information would be helpful.
3) In PHP safe mode, command executions can be restricted to programs in a particular directory. What does your say about that? Are you in safe mode? Is there a safe_mode_exec_dir defined? More here.
A couple more thoughts:
1) Another way to see error output is to add "2>&1" to the end of your shell command (separated by a space). That will combine the error output into the regular output, so it should show up in the HTTP output.
2) Exit statuses are program-dependent, so you have to be clear on whose exit code you are seeing. You don't mention how you're obtaining the code - that information would be helpful.
3) In PHP safe mode, command executions can be restricted to programs in a particular directory. What does your say about that? Are you in safe mode? Is there a safe_mode_exec_dir defined? More here.
ASKER