?
Solved

PHP execute UNIX command

Posted on 2009-06-29
5
Medium Priority
?
2,203 Views
Last Modified: 2013-12-13
I am want to use PHP to 'exec' a pgp encryption command. Regardless of the command line I get either a err 64 (parser error) or 162 (complete failure during an encode). So I have reduced the command line within the PHP program to:

exec("/opt/pgp/bin/pgp --fingerprint", $results);

If I run "/opt/pgp/bin/pgp --fingerprint" on a command line I get "2 keys found" and the expected display. But the same exec under PHP gives me the parser error 64. I have tried "\n" to the string command and that does not make a difference. The user runs as 'nobody' in the browser which does have execute permission. If pgp was not at least starting up I would not even see the 'parser error' from it.

Is there something special I need to do in order to run pgp under PHP?

0
Comment
Question by:esc_toe_account
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 3

Expert Comment

by:Michal-Drozd
ID: 24741152
try following (replace " with ') :
exec('/opt/pgp/bin/pgp --fingerprint', $results);

Open in new window

0
 

Author Comment

by:esc_toe_account
ID: 24750009
Thanks for responding.

SIngle versus double quotes do not make a difference. I have gotten --fingerprint to work and the key was setting the environment variable PGP_HOME_DIR.
0
 

Author Comment

by:esc_toe_account
ID: 24750033
With that one small step forward I have returned to the original problem which is getting pgp to actrually encrypt a file running as a shell command from PHP called by a browser. The exec() command is:

/opt/pgp/bin/pgp --encrypt /export/home/eckankar/dev/inc/test.txt -r 'membership' --overwrite remove --home-dir /export/home/pgphome/.pgp -v --status-file /export/home/eckankar/dev/inc/test.txt.err

 The command runs fine if I run it on the unix command line; it also runs fine if I run the php script from a command line (which in turn will shell out to exec(pgp).....); it also runs fine if a browser executes a perl script which shells out to the pgp command. However when I run it from the browser, calling PHP, I get a permission denied error shown on the last line of the status-file as follows:

pgp:encrypt (3157:current local time 2009-06-30T07:41:18-05:00)
/export/home/pgphome/.pgp/pubring.pkr : open keyrings (1006 : public keyring)
/export/home/pgphome/.pgp/secring.skr : open keyrings (1007 : private keyring)
0x221DC947:encrypt (1030 : key added to recipient list)
/export/home/eckankar/dev/inc/test.txt:encrypt (3048 : data encrypted with cipher AES-128)
/export/home/eckankar/dev/inc/test.txt:encrypt (3124 : permission denied)

So the question is: what permission is being denied?

It most certainly is not test.txt, the input file. It obviously reads it and encrypts the data so that permission is fine. Further, I set its permission for the world as 'wr'. The output file, going to the same directory as the input file with a .pgp extension, should not be a problem either as that folder is set to world 'rw'. Since pgp creates the status file shown above (in the same folder) there can't be a permission issue with that folder.

The issue is almost certainly a permission associated with the user. The browser runs as 'nobody' which has almost no environment variables and very few permissions. (Note the perl script runs fine as 'nobody'!) But as a member of 'world/other' it does have 'rw' to all the folders it requires. So can anyone suggest what permission might be needed here?
0
 
LVL 3

Accepted Solution

by:
Michal-Drozd earned 2000 total points
ID: 24750332
Perhaps i found the solution to this. It appears apache is using a working folder where it isn't an owner or isn't part of pgp's working folder. This is usually the site's current working folder - the folder where the web page was loaded.

To get this to work always set --temp-dir to the same folder where the encryption takes place.
0
 

Author Closing Comment

by:esc_toe_account
ID: 31598575
Good work Michal-Drozd - that was indeed the solution..
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question