.sh file apache exec

Hello,
I have a php file that is excue a .sh command:
<?php
  echo exec('/var/www/html/disable.sh');
?>


the .sh file command is:
sudo  cp /var/www/html/1.cfg /var/www/html/2.cfg


when I run it from ssh from root user account using
php /var/www/html/disable.php the /sh work fine
when I runt it from browser is not working !
so what I have to do ?
thanks.
Amin El-ZeinAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Apache doesn't run as root.

You can run this command to determine what user/group Apache runs under.

ps auxww | egrep -i -e apache -e httpd -e fpm

Open in new window


Also notice the FPM search also. If PHP runs under FPM, then FPM ownership must be considered too.

Likely the way to handle this is to read https://linuxconfig.org/how-to-use-special-permissions-the-setuid-setgid-and-sticky-bits carefully to determine how best to assign root ownership to your disable.sh script or...

Read https://askubuntu.com/questions/116144/how-do-i-run-apache-as-root carefully to allow Apache to run some random script path as root, with no password... since there's no interactivity with Apache.

Both approaches have their pros + cons. I'd likely go with the sudo approach, as this will provide better security. Said another way, going the password-less sudo way, you'll have far less security issues to consider.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Amin El-ZeinAuthor Commented:
hello i try it with souders file but notworking !
anyidea ?
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Follow the sudo user walk through above carefully.

Be sure to first verify what user/group your Apache runs under, for your sudo setup to work correctly.
Amin El-ZeinAuthor Commented:
Hello,
the apache run as www-data
I tried to edit sudoers files and add: ALL ALL=NOPASSWD: /var/www/html/a.sh
it's not working !
thanks.
Amin El-ZeinAuthor Commented:
hello,
any suggest please ?
thanks.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.