Ask Question Forum:
Model Library:2025-02-08 Updated:A.I. model is online for auto reply question page
C
O
M
P
U
T
E
R
2
8
Show
#
ASK
RECENT
←
- Underline
- Bold
- Italic
- Indent
- Step
- Bullet
- Quote
- Cut
- Copy
- Paste
- Table
- Spelling
- Find & Replace
- Undo
- Redo
- Link
- Attach
- Clear
- Code
Below area will not be traslated by Google,you can input code or other languages
Hint:If find spelling error, You need to correct it,1 by 1 or ignore it (code area won't be checked).
X-position of the mouse cursor
Y-position of the mouse cursor
Y-position of the mouse cursor
Testcursor
caretPos
Attachment:===
Asked by duncanb7
at 2024-04-03 11:08:39
ModifyPoint:500 Replies:21 POST_ID:828904USER_ID:11059
Topic:
PHP Scripting Language;Linux;Apache Web Server
Based on http://benaiah41.wordpress.com/2008/08/15/37/
Finally, I add "mylogin ALL = (ALL) ALL" in /etc/sudoers files to solve and allow
sudo for reboot my server successfully on linux shell command from mylogin account
like this mylogin@mysite.com[~/home/public_html/php/] echo "PASSWORD" | sudo -u root -S reboot
So now I try to put the reboot command on php as follow code and it works just only on linux shell after login putty program on my home PC with username=mylogin and my server is rebooting successfully when I type php rb.php
Anyway It does NOT work on browser on my home PC and cron-job on my server.
The php script is for user to reboot the server if they know the root password
from browser or his cronjob scheduler.
I have changed the shell_exec function to exec or system() in php, all doesn't work
on brower or cron-job but all works on the linux shell(putty) executing the php script.
Why ?
Any idea, sudoers file seems is no issue at all since I 've already add mylogin account name and liunx command with echo "PASSWORD" | sudo -u root -S reboot is working fine.
And it also NOT work if I put it in cron-job like
0 6 * * * echo "PASSWORD" | sudo -u root -S reboot
0 6 * * * php rb.php
So why it is only working on linux shell command and linux shell php script run but NOT work for php script run on browser or cron-job for the same reboot command echo "PASSWORD" | sudo -u root -S reboot ?
And I already change mode(chmod) to 777for rb.php file
Please advise
Duncan
rb.php
=====
Finally, I add "mylogin ALL = (ALL) ALL" in /etc/sudoers files to solve and allow
sudo for reboot my server successfully on linux shell command from mylogin account
like this mylogin@mysite.com[~/home/public_html/php/] echo "PASSWORD" | sudo -u root -S reboot
So now I try to put the reboot command on php as follow code and it works just only on linux shell after login putty program on my home PC with username=mylogin and my server is rebooting successfully when I type php rb.php
Anyway It does NOT work on browser on my home PC and cron-job on my server.
The php script is for user to reboot the server if they know the root password
from browser or his cronjob scheduler.
I have changed the shell_exec function to exec or system() in php, all doesn't work
on brower or cron-job but all works on the linux shell(putty) executing the php script.
Why ?
Any idea, sudoers file seems is no issue at all since I 've already add mylogin account name and liunx command with echo "PASSWORD" | sudo -u root -S reboot is working fine.
And it also NOT work if I put it in cron-job like
0 6 * * * echo "PASSWORD" | sudo -u root -S reboot
0 6 * * * php rb.php
So why it is only working on linux shell command and linux shell php script run but NOT work for php script run on browser or cron-job for the same reboot command echo "PASSWORD" | sudo -u root -S reboot ?
And I already change mode(chmod) to 777for rb.php file
Please advise
Duncan
rb.php
=====
<?phpchdir(dirname(__FILE__));echo dirname(__FILE__)."==x=";$today = date("F j, Y, g:i:s a");echo $today." Starting rb====";file_put_contents("rb.log",$today." Starting rb====");shell_exec('echo "PASSWORD"|sudo -u root -S reboot');?> 1:2:3:4:5:6:7:8:
Expert: serialband replied at 2024-04-05 09:55:29
Thinking back on this, if your web server is getting wedged, you should probably just restart apache, instead of rebooting.
apache WebServer = NOPASSWD: /etc/init.d/apachectl
Then have your php script only run /etc/init.d/apachectl restart
That apachectl command depends on your version of linux.
If you really must reboot, then add both commands. Server reboots should be last resorts, since many things are solvable without a reboot.
apache WebServer = NOPASSWD: /etc/init.d/apachectl,/bin/reboot
You should also figure out what's causing your server to freeze. A normally working web server does not require frequent reboots.
If you can't ssh into the system, but everything seems functional, it's possible that your disk filled up. You could leave yourself constantly connected to ssh to monitor that. The next time a problem happens, you could see why other people aren't able to start new ssh connection. Maybe you partitioned your system incorrectly for a web server and made only a single partition, or didn't partition out /tmp and /var from /. /tmp is emptied upon reboot.
apache WebServer = NOPASSWD: /etc/init.d/apachectl
Then have your php script only run /etc/init.d/apachectl restart
That apachectl command depends on your version of linux.
If you really must reboot, then add both commands. Server reboots should be last resorts, since many things are solvable without a reboot.
apache WebServer = NOPASSWD: /etc/init.d/apachectl,/bin/reboot
You should also figure out what's causing your server to freeze. A normally working web server does not require frequent reboots.
If you can't ssh into the system, but everything seems functional, it's possible that your disk filled up. You could leave yourself constantly connected to ssh to monitor that. The next time a problem happens, you could see why other people aren't able to start new ssh connection. Maybe you partitioned your system incorrectly for a web server and made only a single partition, or didn't partition out /tmp and /var from /. /tmp is emptied upon reboot.
Author: duncanb7 replied at 2024-04-05 00:58:23
Thanks for all of your reply
the issue is solved for the user to run the root command on cron-job and
php script running on linux shell.
And the issue for reboot on browser that is also worked on rb.php
with system("sudo /sbin/reboot") since when running rb.php on browser
and system command is running on behalf of default user and user group
that is set on apache conf file. So all browser users are using the same
user and user group(mylogin & mylogin) to run any command in php. And the right privilege of reboot command for the mylogin user is set on /etc/sudoers that is mentioned in previous reply post. That is why other browser users can run root reboot command.
To set or chose the authorized user to run reboot command in rb.php or direct command of sudo /sbin/reboot, we need to setup autthorized login page and let the browser users to run the command as long as they can log in the login page successfully. The phpshell.php is a good exmple to do
that.
-1- Downlod the phpshell source code into the remote server
from http://www.tecmint.com/linux-shell-access-on-browser-using-php-shell/
-2 Add mylogin MY_HOST = NOPASSWD: /sbin/reboot in /etc/sudoers file
-3 Comment "Defaults requiretty" with "#" in /etc/sudoers file in which let sudo
command to work for non tty device or put "Defaults:mylogin !requiretty"
-4 Create authorized user account and password in phpshell.php at server on browser
-5 Run sudo /sbin/reboot on the phpshell.php at server on browser after successfully login
After those five steps , remotely reboot the server on browser is allowed with
authorization login
Duncan
the issue is solved for the user to run the root command on cron-job and
php script running on linux shell.
And the issue for reboot on browser that is also worked on rb.php
with system("sudo /sbin/reboot") since when running rb.php on browser
and system command is running on behalf of default user and user group
that is set on apache conf file. So all browser users are using the same
user and user group(mylogin & mylogin) to run any command in php. And the right privilege of reboot command for the mylogin user is set on /etc/sudoers that is mentioned in previous reply post. That is why other browser users can run root reboot command.
To set or chose the authorized user to run reboot command in rb.php or direct command of sudo /sbin/reboot, we need to setup autthorized login page and let the browser users to run the command as long as they can log in the login page successfully. The phpshell.php is a good exmple to do
that.
-1- Downlod the phpshell source code into the remote server
from http://www.tecmint.com/linux-shell-access-on-browser-using-php-shell/
-2 Add mylogin MY_HOST = NOPASSWD: /sbin/reboot in /etc/sudoers file
-3 Comment "Defaults requiretty" with "#" in /etc/sudoers file in which let sudo
command to work for non tty device or put "Defaults:mylogin !requiretty"
-4 Create authorized user account and password in phpshell.php at server on browser
-5 Run sudo /sbin/reboot on the phpshell.php at server on browser after successfully login
After those five steps , remotely reboot the server on browser is allowed with
authorization login
Duncan
Assisted Solution
Expert: serialband replied at 2024-04-04 07:53:40
250 points EXCELLENT
Did you read the middle of my thread about setting altering sudo to only do the reboot with no password? That would work for apache.
Also, REMOVE the PASSWORD from your cron and scripts. That was my first sentence, which is solved by the alteration to sudo permissions in the part you've skipped. Putting passwords in a text file is horrible security, especially when you give people access from the web. If they get a hold of the text of the script from the web server, they have your password with full sudo root access.
Change the following in /etc/sudoers with visudo.
mylogin ALL = (ALL) ALL
To this:
USER MY_HOST = NOPASSWD: /bin/reboot (MY_HOST == your server's host name)
If your server's host name is WebServer:
apache WebServer = NOPASSWD: /bin/reboot
That should let apache reboot the webserver as root. It won't have any other root privileges, but this is still a bad kludge.
You're not fixing the root of the problem. You should fix the load issues on your server so you don't have to reboot. Check the logs to see what's going on. You can tune apache and maybe change the number of threads your server can handle. You should check your php code to make sure you're doing it correctly so it doesn't overload the server.
You don't need to give write permissions for testing text script. chmod 755 would be sufficient. You only need execute permissions for a compiled binary (chmod 711).
Also, REMOVE the PASSWORD from your cron and scripts. That was my first sentence, which is solved by the alteration to sudo permissions in the part you've skipped. Putting passwords in a text file is horrible security, especially when you give people access from the web. If they get a hold of the text of the script from the web server, they have your password with full sudo root access.
Change the following in /etc/sudoers with visudo.
mylogin ALL = (ALL) ALL
To this:
USER MY_HOST = NOPASSWD: /bin/reboot (MY_HOST == your server's host name)
If your server's host name is WebServer:
apache WebServer = NOPASSWD: /bin/reboot
That should let apache reboot the webserver as root. It won't have any other root privileges, but this is still a bad kludge.
You're not fixing the root of the problem. You should fix the load issues on your server so you don't have to reboot. Check the logs to see what's going on. You can tune apache and maybe change the number of threads your server can handle. You should check your php code to make sure you're doing it correctly so it doesn't overload the server.
You don't need to give write permissions for testing text script. chmod 755 would be sufficient. You only need execute permissions for a compiled binary (chmod 711).
Author: duncanb7 replied at 2024-04-04 01:17:20
serialaband,
you are right,
0 6 * * * /bin/echo "PASSWORD" | /usr/bin/sudo -S /sbin/reboot is working
and it also work on cron-job with php rb.php if fix it to
exec('/bin/echo "PASSWORD" | /usr/bin/sudo -S /sbin/reboot ');
Now it solved my first question of this thread
The last question, why I want to use php to reboot my server on my broswer because
if my server is running too much work and really slower and I could NOT access
linux shell thru PUTTY since the server reject it due to unknown system issue, so I need one way to reboot the server on browser if I know the root password. And I don't want to go to the location of server to do hardware reset button. My expectation that is
similar to the hosting company provide user can reboot or shutdown or start its VPS
server on browser remotely by which hosting company will save some time not to
argue with user for VPS system issue.
The problem is I can run php rb.php on linux shell because I know the root password
and I add mylogin on /etc/sudoers file so my login account could run .
But for browser users, how can assign right to the browser user to run root command in php like exec('/bin/echo "PASSWORD" | /usr/bin/sudo -S /sbin/reboot ') on browser ?
I take a look on PHP shell on browser that can help broswer users to run any root command if they know the root command on browser.
http://www.tecmint.com/linux-shell-access-on-browser-using-php-shell/
But it seems that is too complicated, just run such simple reboot root command, Is it right ?
Or I need to setup webpage for browser user validation to check he is authorized-user
or not first and then let them run the root command. There is two steps, Any good
comment and suggestion that is similar to we can see login process and allow user to the system tool in Cpanel
(chmod 777 is just for testing only)
Please advise
Duncan
you are right,
0 6 * * * /bin/echo "PASSWORD" | /usr/bin/sudo -S /sbin/reboot is working
and it also work on cron-job with php rb.php if fix it to
exec('/bin/echo "PASSWORD" | /usr/bin/sudo -S /sbin/reboot ');
Now it solved my first question of this thread
The last question, why I want to use php to reboot my server on my broswer because
if my server is running too much work and really slower and I could NOT access
linux shell thru PUTTY since the server reject it due to unknown system issue, so I need one way to reboot the server on browser if I know the root password. And I don't want to go to the location of server to do hardware reset button. My expectation that is
similar to the hosting company provide user can reboot or shutdown or start its VPS
server on browser remotely by which hosting company will save some time not to
argue with user for VPS system issue.
The problem is I can run php rb.php on linux shell because I know the root password
and I add mylogin on /etc/sudoers file so my login account could run .
But for browser users, how can assign right to the browser user to run root command in php like exec('/bin/echo "PASSWORD" | /usr/bin/sudo -S /sbin/reboot ') on browser ?
I take a look on PHP shell on browser that can help broswer users to run any root command if they know the root command on browser.
http://www.tecmint.com/linux-shell-access-on-browser-using-php-shell/
But it seems that is too complicated, just run such simple reboot root command, Is it right ?
Or I need to setup webpage for browser user validation to check he is authorized-user
or not first and then let them run the root command. There is two steps, Any good
comment and suggestion that is similar to we can see login process and allow user to the system tool in Cpanel
(chmod 777 is just for testing only)
Please advise
Duncan
Accepted Solution
Expert: serialband replied at 2024-04-03 22:55:16
250 points EXCELLENT
First off, putting a password into any clear text file is just horribly bad practice. You really should never, ever do that.
What exactly are you trying to accomplish? It seems that you only want the remote user to reboot the system. There are more secure ways to do that.
When you use cron, you need to set the full path names to the commands because your shell and the cron environments are different. Not everything is in the path in cron. You'll have use the full path to make sure. That's probably the problem in your web php script as well.
0 6 * * * /bin/echo "PASSWORD" | /usr/bin/sudo -S /sbin/reboot
0 6 * * * /PATH_TO_PHP/php /PATH_TO_SCRIPT/rb.php
Why are you using a browser to reboot the server instead of just giving the user ssh access with a single sudo command?
That link you provided is a very rudimentary sudo example for a beginner. It just gives a simple full access for a user on a personal workstation. You need the full sudo manual for more complex setups on servers.
http://www.sudo.ws/sudoers.man.html
You should not give the user full sudo access to root from the web page. Instead, you should set up the apache (or whichever account your browser runs as) to sudo with permissions to only run the reboot command as root on your specified host without a password.
USER MY_HOST = NOPASSWD: /bin/reboot
duncan7b MY_HOST = NOPASSWD: /bin/reboot
What user is your cronjob running as? If you really want to schedule a reboot every day at 6 am, you should create it as root or put it in /etc/cron.d/* not as some other user that has to sudo.
Your -u root option is redundant when you want to sudo as root. You only need -u when you want to run as some other non-root user. You should remove that. If you set your user to sudo reboot without a password, you can take out the echo command, the plain text password and the pipe. You'll have something much simpler and more secure.
0 6 * * * /usr/bin/sudo /sbin/reboot
You also shouldn't set chmod 777 to your scripts. You could do 755 to prevent writes by other random users. 777 is mainly for fully accessible folders or soft links.
What exactly are you trying to accomplish? It seems that you only want the remote user to reboot the system. There are more secure ways to do that.
When you use cron, you need to set the full path names to the commands because your shell and the cron environments are different. Not everything is in the path in cron. You'll have use the full path to make sure. That's probably the problem in your web php script as well.
0 6 * * * /bin/echo "PASSWORD" | /usr/bin/sudo -S /sbin/reboot
0 6 * * * /PATH_TO_PHP/php /PATH_TO_SCRIPT/rb.php
Why are you using a browser to reboot the server instead of just giving the user ssh access with a single sudo command?
That link you provided is a very rudimentary sudo example for a beginner. It just gives a simple full access for a user on a personal workstation. You need the full sudo manual for more complex setups on servers.
http://www.sudo.ws/sudoers.man.html
You should not give the user full sudo access to root from the web page. Instead, you should set up the apache (or whichever account your browser runs as) to sudo with permissions to only run the reboot command as root on your specified host without a password.
USER MY_HOST = NOPASSWD: /bin/reboot
duncan7b MY_HOST = NOPASSWD: /bin/reboot
What user is your cronjob running as? If you really want to schedule a reboot every day at 6 am, you should create it as root or put it in /etc/cron.d/* not as some other user that has to sudo.
Your -u root option is redundant when you want to sudo as root. You only need -u when you want to run as some other non-root user. You should remove that. If you set your user to sudo reboot without a password, you can take out the echo command, the plain text password and the pipe. You'll have something much simpler and more secure.
0 6 * * * /usr/bin/sudo /sbin/reboot
You also shouldn't set chmod 777 to your scripts. You could do 755 to prevent writes by other random users. 777 is mainly for fully accessible folders or soft links.
Author: duncanb7 replied at 2024-04-03 21:54:56
Dave,
I put 0 6 * * * echo "PASSWORD" | sudo -u root -S reboot
in cron-job at /var/spool/cron/ that is not working even I am root user
and I aready chmod 777 the rb.php that is also not working and is not
related to permission and permission is aready handled on
echo "PASSWORD" | sudo -u root -S reboot and set user in sudoers files.
Please advise
Duncan
I put 0 6 * * * echo "PASSWORD" | sudo -u root -S reboot
in cron-job at /var/spool/cron/ that is not working even I am root user
and I aready chmod 777 the rb.php that is also not working and is not
related to permission and permission is aready handled on
echo "PASSWORD" | sudo -u root -S reboot and set user in sudoers files.
Please advise
Duncan
Expert: Dan Craciun replied at 2024-04-03 14:10:12
That's why I suggested "php rb.php". Trying to execute the script under a new instance of php, hopefully running under a user other than Apache.
Expert: Dave Baldwin replied at 2024-04-03 14:07:42
It's not working because the user for the web server doesn't have permissions to do that. As far as I know, you can't use 'sudo' to enable the Apache user to do anything like that. They intentionally prevent that from happening.
Author: duncanb7 replied at 2024-04-03 13:36:03
but it work on linux shell
echo "PASSWORD" |sudo -u root -S shutdown -r now
but NOT on cron-job
So the issue is same why work on linux command or linux command php script
but not on browser and not on cron-job
Please advise
Duncan
echo "PASSWORD" |sudo -u root -S shutdown -r now
but NOT on cron-job
So the issue is same why work on linux command or linux command php script
but not on browser and not on cron-job
Please advise
Duncan
Author: duncanb7 replied at 2024-04-03 13:34:46
echo "PASSWORD" | sudo -u root -S /sbin/shutdown -r now
that is even NOT working on cron-job
that is even NOT working on cron-job
Expert: Dan Craciun replied at 2024-04-03 13:34:35
/sbin/shutdown -r now will reboot
/sbin/shutdown -h now will shutdown.
/sbin/shutdown -h now will shutdown.
Author: duncanb7 replied at 2024-04-03 13:30:51
I need reboot not shutdown
Author: duncanb7 replied at 2024-04-03 13:28:27
0 6 * * * echo "PASSWORD" | sudo -u root -S reboot
Why it's not working on cronjob but work on linux command ?
Should we focus it first to get the hint ?
Root Permission or privilage issue is already solved, why still issue
Should we focus this ?
We know the result from cron-job or command php script is different Sometimes . Why ?
Duncan
Why it's not working on cronjob but work on linux command ?
Should we focus it first to get the hint ?
Root Permission or privilage issue is already solved, why still issue
Should we focus this ?
We know the result from cron-job or command php script is different Sometimes . Why ?
Duncan
Expert: Dan Craciun replied at 2024-04-03 13:28:03
In what cron are you running that?
Have you tried this in cron?
echo "PASSWORD" | sudo -u root -S /sbin/shutdown -r now
Have you tried this in cron?
echo "PASSWORD" | sudo -u root -S /sbin/shutdown -r now
Author: duncanb7 replied at 2024-04-03 13:26:21
it didn't work, my putty program on my Pc is still working after I
surf http://mysite/junk.php. If work, the putty program will
be stopped or shut-down or disconnected.
Duncan
surf http://mysite/junk.php. If work, the putty program will
be stopped or shut-down or disconnected.
Duncan
Expert: Dan Craciun replied at 2024-04-03 13:21:43
So, let me get this straight:
1. you created a new php file, called junk.php
2. this file contains:
1. you created a new php file, called junk.php
2. this file contains:
Author: duncanb7 replied at 2024-04-03 13:19:25
0 6 * * * echo "PASSWORD" | sudo -u root -S reboot
Why it's not working on cronjob but work on linux command ?
Should we focus it first to get the hint ?
Root Permission or privilage issue is already solved, why still issue
Duncan
Why it's not working on cronjob but work on linux command ?
Should we focus it first to get the hint ?
Root Permission or privilage issue is already solved, why still issue
Duncan
Author: duncanb7 replied at 2024-04-03 13:13:29
I create other new php junk.php to
do shell_exec('php rb.php') that
is only working on linux shell but not on corn-job or browser
Any more advise
Duncan
do shell_exec('php rb.php') that
is only working on linux shell but not on corn-job or browser
Any more advise
Duncan
Expert: Dan Craciun replied at 2024-04-03 13:11:42
No, don't add that to rb.php.
Just use that line from inside your web page, from where the reboot is not working.
The idea is to start a new php instance to run your php file.
Just use that line from inside your web page, from where the reboot is not working.
The idea is to start a new php instance to run your php file.
Author: duncanb7 replied at 2024-04-03 13:08:51
you mean ? Is it do-looping rb.php itself ? Or create other new php
for shell_exec('php rb.php');
for rb.php file
for shell_exec('php rb.php');
for rb.php file
<?phpchdir(dirname(__FILE__));echo dirname(__FILE__)."==x=";$today = date("F j, Y, g:i:s a");echo $today." Starting rb====";file_put_contents("rb.log",$today." Starting rb====");shell_exec(''php rb.php );?> 1:2:3:4:5:6:7:8:
Expert: Dan Craciun replied at 2024-04-03 13:04:36
Have you tried to run this, from inside your web page?
HTH,
Dan
