Solved

PHP execute UNIX command

Posted on 2009-06-29
5
2,196 Views
Last Modified: 2013-12-13
I am want to use PHP to 'exec' a pgp encryption command. Regardless of the command line I get either a err 64 (parser error) or 162 (complete failure during an encode). So I have reduced the command line within the PHP program to:

exec("/opt/pgp/bin/pgp --fingerprint", $results);

If I run "/opt/pgp/bin/pgp --fingerprint" on a command line I get "2 keys found" and the expected display. But the same exec under PHP gives me the parser error 64. I have tried "\n" to the string command and that does not make a difference. The user runs as 'nobody' in the browser which does have execute permission. If pgp was not at least starting up I would not even see the 'parser error' from it.

Is there something special I need to do in order to run pgp under PHP?

0
Comment
Question by:esc_toe_account
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 3

Expert Comment

by:Michal-Drozd
ID: 24741152
try following (replace " with ') :
exec('/opt/pgp/bin/pgp --fingerprint', $results);

Open in new window

0
 

Author Comment

by:esc_toe_account
ID: 24750009
Thanks for responding.

SIngle versus double quotes do not make a difference. I have gotten --fingerprint to work and the key was setting the environment variable PGP_HOME_DIR.
0
 

Author Comment

by:esc_toe_account
ID: 24750033
With that one small step forward I have returned to the original problem which is getting pgp to actrually encrypt a file running as a shell command from PHP called by a browser. The exec() command is:

/opt/pgp/bin/pgp --encrypt /export/home/eckankar/dev/inc/test.txt -r 'membership' --overwrite remove --home-dir /export/home/pgphome/.pgp -v --status-file /export/home/eckankar/dev/inc/test.txt.err

 The command runs fine if I run it on the unix command line; it also runs fine if I run the php script from a command line (which in turn will shell out to exec(pgp).....); it also runs fine if a browser executes a perl script which shells out to the pgp command. However when I run it from the browser, calling PHP, I get a permission denied error shown on the last line of the status-file as follows:

pgp:encrypt (3157:current local time 2009-06-30T07:41:18-05:00)
/export/home/pgphome/.pgp/pubring.pkr : open keyrings (1006 : public keyring)
/export/home/pgphome/.pgp/secring.skr : open keyrings (1007 : private keyring)
0x221DC947:encrypt (1030 : key added to recipient list)
/export/home/eckankar/dev/inc/test.txt:encrypt (3048 : data encrypted with cipher AES-128)
/export/home/eckankar/dev/inc/test.txt:encrypt (3124 : permission denied)

So the question is: what permission is being denied?

It most certainly is not test.txt, the input file. It obviously reads it and encrypts the data so that permission is fine. Further, I set its permission for the world as 'wr'. The output file, going to the same directory as the input file with a .pgp extension, should not be a problem either as that folder is set to world 'rw'. Since pgp creates the status file shown above (in the same folder) there can't be a permission issue with that folder.

The issue is almost certainly a permission associated with the user. The browser runs as 'nobody' which has almost no environment variables and very few permissions. (Note the perl script runs fine as 'nobody'!) But as a member of 'world/other' it does have 'rw' to all the folders it requires. So can anyone suggest what permission might be needed here?
0
 
LVL 3

Accepted Solution

by:
Michal-Drozd earned 500 total points
ID: 24750332
Perhaps i found the solution to this. It appears apache is using a working folder where it isn't an owner or isn't part of pgp's working folder. This is usually the site's current working folder - the folder where the web page was loaded.

To get this to work always set --temp-dir to the same folder where the encryption takes place.
0
 

Author Closing Comment

by:esc_toe_account
ID: 31598575
Good work Michal-Drozd - that was indeed the solution..
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
This article discusses how to implement server side field validation and display customized error messages to the client.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question