Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Your script looks like it would work if run in the context of a root login. However, as a CGI, it is a bit lacking. You probably need to return some information to the browser, like a complete HTML page. This should include at minimum, a HTML element containing a head and body element. These should contain the stuff you want to display in response to the hit on your form page.
Once you get the trivial example working, you will want to generalize the script to actually take data from your HTML form. That will involve parsing strings from the input argument list, or from environment variables depending on the 'method' used by your form.
It is unconventional to use bash for a job such as this. Other languages, of which perl and PHP are probably most common, are much better suited to this kind of job.
well if its easy in php..can neone tell me how to do the same in php..cause i tried doing that also but m not able to use the exec function to run the root commands..
can neone plzz show me a small sample code in php to add user..
I think chrism01 already pointed out your problem. The CGI script runs in the context of user 'apache' (assuming a typical installation). That user does not have the right to create users, and so the script must invoke sudo, passwordless, to use the useradd tool. To do this, you will need to add user apache to the sudoers file, using visudo as root.
Doing that will probably make your original bash script work, too.
Also if you're developing scripts please consider doing that in an development area that is access restricted by IP (ranges) and properly password-protected. That's "AND" not "OR" and properly here means not a login/pass combo of "blah:user", "test:test" or "root:123".
You're not reading too well. theNbomr already told you to use 'visudo' to edit your /etc/sudoers and to add user apache to the sudoers file. Besides that allowing any user to execute any commands as root account user by adding an "ALL ALL" entry is a particularly risky way of doing things. I suggest you take some time to read up on and understand the tools you're working with, refine your CGI and *then* muck with Sudo.
Assuming your web server is a relatively standard apache httpd configuration, the user that will be executing the commands as a CGI will be 'apache'. If you have modified httpd.conf to use a different ID, then you will need to add a record to the sudoers file with the accordant ID.
Your script may need to specify the useradd utility by its full pathname, unless the appropriate directory is in the apache (or appropriate other's) $PATH. On the system I am writing from, that is /usr/sbin/useradd.
Please don't play fast and loose with security if the host you are using is connected to the internet. Bad things happen to all of us when a powerful system like a Linux host gets compromised and used for untoward purposes.
@@Mr unspawn and sir com
iam getting what u r saying but please ready this carefully...
if i am making a script in php to allow users to add other users on their linux machin with web interface instead of typing on the terminal..it means ill be prompting them on theri respective machine for root password...
if i add apache in sudoers file then it will work only in my system not in others...
so the need is of the command that allows me to add a user using php provided iam having root password which will be entered by the user...
secondly my php code should be universal that is when i give my code to another guy he should be able to run it on his linux box also...so i dont think now there is any need to edit sudoers file..
i need some command like exec (su -u root -p password )
then my useradd command..
Please clarify something for us: are you attempting to create some web page that will allow users to add other users on the host where the browser is running?
To do this, your PHP code would have to make a ssh or telnet connection back to the client host, and using some passwordless root login, execute useradd with proper parameters. Did you hear when you were cautioned about security?
If this is not your intention, then you seem to be confused about how a web server & web browser interact. Any executable launched by the web server will run on the web server host only, and will do so as the user 'apache'. It may leverage some privileges through the use of sudo. This accomplishes the same thing your pseudo-code seems to suggest.