Member Avatar for CapFish

Hello all!

I'm trying to restart a service in my fedora installation, from a php local file. So i discovered the shell_exec command, and tried:

shell_exec('service nagios restart')

I also tried shell_exec('sudo restart.sh') where restart.sh has the line "service nagios restart" in it.

The first time i did it, i didn't know about permissions problems, so i discovered then the sudoers file and, using the command shell_exec('whoami'), it returned "apache". Then i added the apache permission line in suoders.

The problem is still the same, i can't seem to restart this service, or any other. Can you help me? Thanks.

  • 2 Contributors
  • 3 Replies
  • 312 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by CapFish

Recommended Answers

All 3 Replies

Member Avatar for rch1231

Hello,

First the security problem... Do you realize that by adding apache to the sudoers file you are giving any user from the web rights to be root on your server?

The sudo problem... Sudo normally prompts for the users password the first time it is run for that user from a new shell and any time longer than five minutes since it last ran a command for that user in that shell.

what do you get if you run the restart.sh script from the command line? If nothing slse when you are logged in as root do:

su - apache

and you will become the apache user then see what it takes to get the restart.sh script running. Probably apache does not have the service command in it's search path so cannot execute it. You would have to have:

#!/bin/bash
/sbin/service nagios restart

in your restart.sh script

Member Avatar for CapFish

Hello,

First the security problem... Do you realize that by adding apache to the sudoers file you are giving any user from the web rights to be root on your server?

The sudo problem... Sudo normally prompts for the users password the first time it is run for that user from a new shell and any time longer than five minutes since it last ran a command for that user in that shell.

what do you get if you run the restart.sh script from the command line? If nothing slse when you are logged in as root do:

su - apache

and you will become the apache user then see what it takes to get the restart.sh script running. Probably apache does not have the service command in it's search path so cannot execute it. You would have to have:

#!/bin/bash
/sbin/service nagios restart

in your restart.sh script

Hey, thanks for the answer :)

The security is not that big problem here, because i will use this only locally.

I usually start Fedora with root user, so the script "service nagios restart" works good at the cmd line. When i do su -apache or su apache, it gives "this account is currently not available". Don't know why =/.

I´ve modified my testshell.php file, into this:

<?php

$output=shell_exec('sh srvnagios.sh'); --> [I]where srvnagios.sh has #!/bin/bash
/sbin/service nagios restart in it like you told me [/I]

echo "<pre>$output</pre>";
?>

but when i run the testshell.php file, it shows this:

"Running configuration check....CONFIG ERROR! Restart aborted. Check your Nagios configuration"

Although the problem is not the Nagios configuration, since it works when i do the same command in cmd line with root user. I suspect the problem is with the permissions of the actual user - apache.

Member Avatar for CapFish

Fixed it! :D Turns out that i add to comment the line Defaults requiretty in sudoers file. After that, everythings fine now.

@rch1231: thanks for your help.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.