Solved

PHP execute UNIX command

Posted on 2009-06-29
5
2,170 Views
Last Modified: 2013-12-13
I am want to use PHP to 'exec' a pgp encryption command. Regardless of the command line I get either a err 64 (parser error) or 162 (complete failure during an encode). So I have reduced the command line within the PHP program to:

exec("/opt/pgp/bin/pgp --fingerprint", $results);

If I run "/opt/pgp/bin/pgp --fingerprint" on a command line I get "2 keys found" and the expected display. But the same exec under PHP gives me the parser error 64. I have tried "\n" to the string command and that does not make a difference. The user runs as 'nobody' in the browser which does have execute permission. If pgp was not at least starting up I would not even see the 'parser error' from it.

Is there something special I need to do in order to run pgp under PHP?

0
Comment
Question by:esc_toe_account
  • 3
  • 2
5 Comments
 
LVL 3

Expert Comment

by:Michal-Drozd
Comment Utility
try following (replace " with ') :
exec('/opt/pgp/bin/pgp --fingerprint', $results);

Open in new window

0
 

Author Comment

by:esc_toe_account
Comment Utility
Thanks for responding.

SIngle versus double quotes do not make a difference. I have gotten --fingerprint to work and the key was setting the environment variable PGP_HOME_DIR.
0
 

Author Comment

by:esc_toe_account
Comment Utility
With that one small step forward I have returned to the original problem which is getting pgp to actrually encrypt a file running as a shell command from PHP called by a browser. The exec() command is:

/opt/pgp/bin/pgp --encrypt /export/home/eckankar/dev/inc/test.txt -r 'membership' --overwrite remove --home-dir /export/home/pgphome/.pgp -v --status-file /export/home/eckankar/dev/inc/test.txt.err

 The command runs fine if I run it on the unix command line; it also runs fine if I run the php script from a command line (which in turn will shell out to exec(pgp).....); it also runs fine if a browser executes a perl script which shells out to the pgp command. However when I run it from the browser, calling PHP, I get a permission denied error shown on the last line of the status-file as follows:

pgp:encrypt (3157:current local time 2009-06-30T07:41:18-05:00)
/export/home/pgphome/.pgp/pubring.pkr : open keyrings (1006 : public keyring)
/export/home/pgphome/.pgp/secring.skr : open keyrings (1007 : private keyring)
0x221DC947:encrypt (1030 : key added to recipient list)
/export/home/eckankar/dev/inc/test.txt:encrypt (3048 : data encrypted with cipher AES-128)
/export/home/eckankar/dev/inc/test.txt:encrypt (3124 : permission denied)

So the question is: what permission is being denied?

It most certainly is not test.txt, the input file. It obviously reads it and encrypts the data so that permission is fine. Further, I set its permission for the world as 'wr'. The output file, going to the same directory as the input file with a .pgp extension, should not be a problem either as that folder is set to world 'rw'. Since pgp creates the status file shown above (in the same folder) there can't be a permission issue with that folder.

The issue is almost certainly a permission associated with the user. The browser runs as 'nobody' which has almost no environment variables and very few permissions. (Note the perl script runs fine as 'nobody'!) But as a member of 'world/other' it does have 'rw' to all the folders it requires. So can anyone suggest what permission might be needed here?
0
 
LVL 3

Accepted Solution

by:
Michal-Drozd earned 500 total points
Comment Utility
Perhaps i found the solution to this. It appears apache is using a working folder where it isn't an owner or isn't part of pgp's working folder. This is usually the site's current working folder - the folder where the web page was loaded.

To get this to work always set --temp-dir to the same folder where the encryption takes place.
0
 

Author Closing Comment

by:esc_toe_account
Comment Utility
Good work Michal-Drozd - that was indeed the solution..
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to count occurrences of each item in an array.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now