Solved

php will not execute a shell script

Posted on 2014-11-17
7
299 Views
Last Modified: 2014-11-23
Having  trouble getting PHP to kick off a shell script I wrote.
Below is the result of an echo in PHP outputting the $command_string just before I execute  exec("$command_string") ;.

/Applications/XAMPP/xamppfiles/htdocs/myapp/AdminFiles/ForBackup/database_and_or_table_dump.sh "DnD" "my_dbname"

If I take that line and paste it into a shell it runs fine.

I've simplified the shell script to just echo "HELLO", and that doesn't work.
Same if I pass no parameters.
So my script isn't running.

WHO does the script run as?  Just curious as I have the perms 777 and that didn't help.

------------
Some of my exec cmd tries:

exec("/bin/bash $command_string") ;
exec("$command_string") ;
exec ($command_string) ;

------------
Release Notes:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

[2014-08-21] XAMPP for OS X 1.8.3-5

This version of XAMPP includes:
    - Updated OpenSSL to 1.0.1g
    - Updated Apache to 2.4.9
    - Updated PHP to 5.5.11
    - phpMyAdmin 4.1.12

MySQL is 5.6.2.0
0
Comment
Question by:Ralph
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40449295
Code running thru Apache will only have the permission of the Apache web server.  It will not have your permissions to run shell commands.  Apache is intentionally run under a limited user account to prevent people from doing the kinds of things that you are trying to do.  While it may be irritating on a single user computer, it is vital on a multi-user system where people might sabotage the machine.
0
 

Author Comment

by:Ralph
ID: 40451639
Thanks Dave,

How then is the exec() and its cousins, meant to be used?
Any workarounds?
I need to run a non-trivial script, that checks/confirms things, to run mysqldump.
Could PHP run just that command with its parameters?

Thanks again,
Ralph
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40451687
"exec()" is mostly useful running PHP on the command line (in the terminal) where it runs under your own permissions.  Because "exec()" can run any programs that you have permissions for, it is frequently disabled on web hosting servers.
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 

Author Comment

by:Ralph
ID: 40451839
Bad news, you should have prefaced.

Do you have any suggestions?
I know safe_mode is disappearing, so I don't want to go there.

My box and ultimately the DB & Apache server will be dedicated to this php app.

Thank you again,
Ralph
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 40452057
There is a feature called 'suexec' that is supposed to let you run PHP files in Apache under your own user permissions.  I don't know if it works or is even available for XAMPP on Mac.  Here's the Apache info: http://httpd.apache.org/docs/2.4/suexec.html

Another thing.  XAMPP (and WAMP and MAMP) is not considered secure enough for a 'production' environment with public and thus hacker access.  They are all designed to be 'easy' prototyping and testing environments.
0
 

Author Comment

by:Ralph
ID: 40461188
Thanks again Dave.  Yes, mine is a dev box, and the real one will be dedicated to one app.
If I read the literature right, affixing a DIR and providing only limited access to the files, should (in my limited understanding of the abilities of crooked minded people), keep even the real thing safe.  But I'm not the one to make that decision unless they ask me.  THEN I will have to get smart and likely find another way to do this.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40461213
You're welcome.  Security is a full-time problem for publicly exposed web sites and servers.
0

Featured Post

Get Database Help Now w/ Support & Database Audit

Keeping your database environment tuned, optimized and high-performance is key to achieving business goals. If your database goes down, so does your business. Percona experts have a long history of helping enterprises ensure their databases are running smoothly.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating and Managing Databases with phpMyAdmin in cPanel.
This article shows the steps required to install WordPress on Azure. Web Apps, Mobile Apps, API Apps, or Functions, in Azure all these run in an App Service plan. WordPress is no exception and requires an App Service Plan and Database to install
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question