Improve company productivity with a Business Account.Sign Up

x
?
Solved

PHP execute UNIX command

Posted on 2009-06-29
5
Medium Priority
?
2,232 Views
Last Modified: 2013-12-13
I am want to use PHP to 'exec' a pgp encryption command. Regardless of the command line I get either a err 64 (parser error) or 162 (complete failure during an encode). So I have reduced the command line within the PHP program to:

exec("/opt/pgp/bin/pgp --fingerprint", $results);

If I run "/opt/pgp/bin/pgp --fingerprint" on a command line I get "2 keys found" and the expected display. But the same exec under PHP gives me the parser error 64. I have tried "\n" to the string command and that does not make a difference. The user runs as 'nobody' in the browser which does have execute permission. If pgp was not at least starting up I would not even see the 'parser error' from it.

Is there something special I need to do in order to run pgp under PHP?

0
Comment
Question by:esc_toe_account
  • 3
  • 2
5 Comments
 
LVL 3

Expert Comment

by:Michal-Drozd
ID: 24741152
try following (replace " with ') :
exec('/opt/pgp/bin/pgp --fingerprint', $results);

Open in new window

0
 

Author Comment

by:esc_toe_account
ID: 24750009
Thanks for responding.

SIngle versus double quotes do not make a difference. I have gotten --fingerprint to work and the key was setting the environment variable PGP_HOME_DIR.
0
 

Author Comment

by:esc_toe_account
ID: 24750033
With that one small step forward I have returned to the original problem which is getting pgp to actrually encrypt a file running as a shell command from PHP called by a browser. The exec() command is:

/opt/pgp/bin/pgp --encrypt /export/home/eckankar/dev/inc/test.txt -r 'membership' --overwrite remove --home-dir /export/home/pgphome/.pgp -v --status-file /export/home/eckankar/dev/inc/test.txt.err

 The command runs fine if I run it on the unix command line; it also runs fine if I run the php script from a command line (which in turn will shell out to exec(pgp).....); it also runs fine if a browser executes a perl script which shells out to the pgp command. However when I run it from the browser, calling PHP, I get a permission denied error shown on the last line of the status-file as follows:

pgp:encrypt (3157:current local time 2009-06-30T07:41:18-05:00)
/export/home/pgphome/.pgp/pubring.pkr : open keyrings (1006 : public keyring)
/export/home/pgphome/.pgp/secring.skr : open keyrings (1007 : private keyring)
0x221DC947:encrypt (1030 : key added to recipient list)
/export/home/eckankar/dev/inc/test.txt:encrypt (3048 : data encrypted with cipher AES-128)
/export/home/eckankar/dev/inc/test.txt:encrypt (3124 : permission denied)

So the question is: what permission is being denied?

It most certainly is not test.txt, the input file. It obviously reads it and encrypts the data so that permission is fine. Further, I set its permission for the world as 'wr'. The output file, going to the same directory as the input file with a .pgp extension, should not be a problem either as that folder is set to world 'rw'. Since pgp creates the status file shown above (in the same folder) there can't be a permission issue with that folder.

The issue is almost certainly a permission associated with the user. The browser runs as 'nobody' which has almost no environment variables and very few permissions. (Note the perl script runs fine as 'nobody'!) But as a member of 'world/other' it does have 'rw' to all the folders it requires. So can anyone suggest what permission might be needed here?
0
 
LVL 3

Accepted Solution

by:
Michal-Drozd earned 2000 total points
ID: 24750332
Perhaps i found the solution to this. It appears apache is using a working folder where it isn't an owner or isn't part of pgp's working folder. This is usually the site's current working folder - the folder where the web page was loaded.

To get this to work always set --temp-dir to the same folder where the encryption takes place.
0
 

Author Closing Comment

by:esc_toe_account
ID: 31598575
Good work Michal-Drozd - that was indeed the solution..
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
The viewer will learn how to dynamically set the form action using jQuery.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question