GnuPG PHP website - encryption will not work from PHP

I am able to encrypt using PuTTY from the command line, but not from my web-page.

Here is my line of PHP code: system("/usr/bin/gpg --homedir /gnupg-files/.gnupg --encrypt -ao encryptedfile.txt -r 'Rhiannon <rhiannon@viva.org.uk>' 789.txt");

When I use PuTTY I type this in:
[timetogoveggie.com@shell1c40 /]$ gpg --homedir /gnupg-files/.gnupg --encrypt -a                      o encryptedfile.txt -r rhiannon@viva.org.uk 789.txt

Initially I thought it was a permissions problem but I seem to be logged in to PuTTY as the same user as I am on the website:

Website user:
<?php
echo system("id");
?>

gives me
uid=186655(timetogoveggie.com) gid=100(users) groups=65533(nobody),65534(nogroup) uid=186655(timetogoveggie.com) gid=100(users) groups=65533(nobody),65534(nogroup)

PuTTY user:
[timetogoveggie.com@shell1c40 /]$ id -u
186655

[timetogoveggie.com@shell1c40 /]$ whoami
timetogoveggie.com

--------------------------------------------------------------------------------------------

We had GnuPG working nicely on the old server, then our hosting company got bought out by Aplus.net and we got moved to their servers... and now it will not work!

It simply will not create an encrypted file using GnuPG.

I am on Bash shell in Linux with fairly restricted permissions (eg. I am not allowed to use the chown command).

Do you think this could be a problem with my PHP in the line above?
Daizzy-MaeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MrVandemarCommented:
are you in a chrooted environment on the server when you ssh in? Im guessing you are and that when your script runs in the webservice that it in turn isnt in a chrooted invironment which would change the location of  /gnupg-files/.gnupg to a location that you dont have write access to.

Also, have you checked to see if the server has the gnupg pecl extension? might make coding a little easier

0
Daizzy-MaeAuthor Commented:
Thank you MrVandemar.

How do I tell whether I have permission in both PuTTY and the PHP page?

It appears that I am logged into both as the same user with the same UID.

Here is the result of the permissions on the web page to the folder where GPG is installed, but I'm not bright enough to work out whether this means the user timetogoveggie.com (186655) has permission to use GPG or not! Do you think this is the problem?

<?php

echo system("id");
echo "\n\n";
echo fileperms("/usr/bin/gpg");
echo "\n\n";
print_r(stat("/usr/bin/gpg"));

?>

uid=186655(timetogoveggie.com) gid=100(users) groups=65533(nobody),65534(nogroup) uid=186655(timetogoveggie.com) gid=100(users) groups=65533(nobody),65534(nogroup)

33261

Array ( [0] => 26627 [1] => 448 [2] => 33261 [3] => 1 [4] => 0 [5] => 0 [6] => 0 [7] => 681933 [8] => 1269531949 [9] => 1031680334 [10] => 1252894483 [11] => 4096 [12] => 1337 [dev] => 26627 [ino] => 448 [mode] => 33261 [nlink] => 1 [uid] => 0 [gid] => 0 [rdev] => 0 [size] => 681933 [atime] => 1269531949 [mtime] => 1031680334 [ctime] => 1252894483 [blksize] => 4096 [blocks] => 1337 ):
0
Daizzy-MaeAuthor Commented:
Our host has confirmed that we do have the GNUPG PHP Pecl extension, but I don't trust them an inch, and I don't know how to tell whether they are telling the truth!
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

MrVandemarCommented:
Quick and dirty full environment check, if you hosting provider hasn't blocked it.

create a php file in your websites root directory, call it test.php

put one line in it:

<?php phpinfo(); ?>

Now browse to that page. If the function hasnt been disabled it will tell you all the modules that you have available in php, their default settings and the current environment. In the last section you should see a line

_SERVER["DOCUMENT_ROOT"]

That will give you an idea of the path where gnupg is looking for the files, you will also see a section "gnupg" with version info if the pecl extension is installed
0
Daizzy-MaeAuthor Commented:
Hi! :-)

Here is the phpinfo() page (here's one I made earlier!): https://secure40.securewebsession.com/timetogoveggie.com/vvfshop/richinfo.php

Interestingly the root seems to be:       
/services/webpages/t/i/timetogoveggie.com/secure

I had been using just:
/services/webpages/t/i/timetogoveggie.com/

Also there is no section for GnuPG I think?
0
MrVandemarCommented:
When you ssh in do you get put straight into the directory where your web files are located?
0
Daizzy-MaeAuthor Commented:
yes, it goes straight to the root of my website :-)
If is do "ls" it lists out the files at the very root, the website itself is in a folder called 'public' so it's up 1 folder in the directory structure.
0
MrVandemarCommented:
Hmm, this one is a fun one. Try   ls -al to see if anything is a symlink. Though you should be able to put your keyfile in the directory where you login at. And while they may have installed the gnupg pecl via "pecl install gnupg" they didnt add extension=gnupg.so to the php.ini to actually load the extension.

From the shell, what is the output of pwd?
0
Daizzy-MaeAuthor Commented:
Hi

I think these are the only 3 symlinks on my area:

html -> public
secure -> public
secure-cgi-bin -> cgi-bi

From the shell pwd is just "/"

Thank you! :-)
0
MrVandemarCommented:
Ok, you are in a chrooted  environment, tell your hosting provider that you need to know what the absolute path is to your homedir so that you can use it in your scripts. There appears to be a lot of rewriting going on in the webserver so this is really the only way to get the exact location of where you keyring needs to be.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Daizzy-MaeAuthor Commented:
Thank you, I am going to tag your post as the answer. The hosting company seem rather slow. It seems:
a) they have been looking at the wrong page for weeks
b) they don't understand GnuPG
c) they got me mixed up with another client

Bless them and their frustrating lack of support!

My solution is to rewrite the whole shop with PayPal. Not ideal but at least we are able to take payments now!!!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.