LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-21-2008, 02:33 PM   #1
av.dubey
Member
 
Registered: Nov 2007
Posts: 148

Rep: Reputation: 15
add user using cgi script


i m new to shell programming..
i want to add use using cgi script using web interface.
i have made an html form..

and iam want to take the value from the html form on user_add.cgi page and then add user from there..
this will create a web based useradd thing just like webmin...

can neone tell me how to do that...i have tried a lot but iam gettin error...premature end of script..

my code for user_add.cgi page is...

#!/bin/bash

echo "Content-type: text/html"
echo ""

x=gogo

useradd $x

if [ $? -eq 0 ]
then
echo "useradded"
else
echo "not added"
fi
 
Old 06-22-2008, 11:49 AM   #2
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
Your script looks like it would work if run in the context of a root login. However, as a CGI, it is a bit lacking. You probably need to return some information to the browser, like a complete HTML page. This should include at minimum, a HTML element containing a head and body element. These should contain the stuff you want to display in response to the hit on your form page.
Once you get the trivial example working, you will want to generalize the script to actually take data from your HTML form. That will involve parsing strings from the input argument list, or from environment variables depending on the 'method' used by your form.
It is unconventional to use bash for a job such as this. Other languages, of which perl and PHP are probably most common, are much better suited to this kind of job.
--- rod.

Last edited by theNbomr; 06-22-2008 at 09:05 PM.
 
Old 06-22-2008, 07:21 PM   #3
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
To expand on the Nombr; useradd is a root level cmd, but the web server eg Apache does not run as root, so you'll need to add it to the sudoers file and enable it to use the adduser cmd specifically.
 
Old 06-23-2008, 06:54 AM   #4
av.dubey
Member
 
Registered: Nov 2007
Posts: 148

Original Poster
Rep: Reputation: 15
well if its easy in php..can neone tell me how to do the same in php..cause i tried doing that also but m not able to use the exec function to run the root commands..
can neone plzz show me a small sample code in php to add user..
 
Old 06-23-2008, 10:25 AM   #5
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
I think chrism01 already pointed out your problem. The CGI script runs in the context of user 'apache' (assuming a typical installation). That user does not have the right to create users, and so the script must invoke sudo, passwordless, to use the useradd tool. To do this, you will need to add user apache to the sudoers file, using visudo as root.
Doing that will probably make your original bash script work, too.
--- rod.
 
Old 06-23-2008, 10:56 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
Also if you're developing scripts please consider doing that in an development area that is access restricted by IP (ranges) and properly password-protected. That's "AND" not "OR" and properly here means not a login/pass combo of "blah:user", "test:test" or "root:123".
 
Old 06-23-2008, 12:56 PM   #7
Neavirc
LQ Newbie
 
Registered: Apr 2008
Posts: 12

Rep: Reputation: 0
Just for note: if you will want to set a password for an user from your script you can use this command:

Code:
useradd -m -p `openssl passwd -1 user_password` user_name

That is simple, but needs openssl installed.
 
Old 06-24-2008, 06:40 AM   #8
av.dubey
Member
 
Registered: Nov 2007
Posts: 148

Original Poster
Rep: Reputation: 15
i tried to add a superuser in addition to root...by editin /etc/sudoers file..
i did this..
echo 'avinash ALL=(ALL) ALL' >> /etc/sudoers

...but still iam not able to use root commands with avinash user logged in..

like useradd and ifconfig are still not run by user avinash....

can neone tell me how to make avinash user as root user...
 
Old 06-24-2008, 06:55 AM   #9
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
You're not reading too well. theNbomr already told you to use 'visudo' to edit your /etc/sudoers and to add user apache to the sudoers file. Besides that allowing any user to execute any commands as root account user by adding an "ALL ALL" entry is a particularly risky way of doing things. I suggest you take some time to read up on and understand the tools you're working with, refine your CGI and *then* muck with Sudo.

Last edited by unSpawn; 06-24-2008 at 07:03 AM.
 
Old 06-24-2008, 06:59 AM   #10
sir_com
Member
 
Registered: Feb 2008
Posts: 31

Rep: Reputation: 15
Hi av.dubey,

in place of "echo 'avinash ALL=(ALL) ALL' >> /etc/sudoers" try this

echo 'apache ALL=(ALL) ALL' >> /etc/sudoers

This should work
 
Old 06-24-2008, 07:02 AM   #11
sir_com
Member
 
Registered: Feb 2008
Posts: 31

Rep: Reputation: 15
wo! wo! the way you are adding he user to /etc/sudoers file is not correct

in place of using "echo 'avinash ALL=(ALL) ALL' >> /etc/sudoers"

open the sudoers file using *visudo* command [run as root] and then add the line I have mentioned in my previous note.

All the Best
 
Old 06-24-2008, 07:04 AM   #12
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
@sir_com: 0) next time use the "edit" button to modify your post please and 1) adding an "ALL ALL" entry is a particularly risky way of doing things. Bad advice.
 
Old 06-24-2008, 10:07 AM   #13
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
And...
Assuming your web server is a relatively standard apache httpd configuration, the user that will be executing the commands as a CGI will be 'apache'. If you have modified httpd.conf to use a different ID, then you will need to add a record to the sudoers file with the accordant ID.
Your script may need to specify the useradd utility by its full pathname, unless the appropriate directory is in the apache (or appropriate other's) $PATH. On the system I am writing from, that is /usr/sbin/useradd.
Please don't play fast and loose with security if the host you are using is connected to the internet. Bad things happen to all of us when a powerful system like a Linux host gets compromised and used for untoward purposes.
--- rod.
 
Old 06-25-2008, 01:55 PM   #14
av.dubey
Member
 
Registered: Nov 2007
Posts: 148

Original Poster
Rep: Reputation: 15
@@Mr unspawn and sir com
iam getting what u r saying but please ready this carefully...
if i am making a script in php to allow users to add other users on their linux machin with web interface instead of typing on the terminal..it means ill be prompting them on theri respective machine for root password...
if i add apache in sudoers file then it will work only in my system not in others...

so the need is of the command that allows me to add a user using php provided iam having root password which will be entered by the user...
secondly my php code should be universal that is when i give my code to another guy he should be able to run it on his linux box also...so i dont think now there is any need to edit sudoers file..

i need some command like exec (su -u root -p password )
then my useradd command..

plzz m waitin for ur kind reply
 
Old 06-25-2008, 02:59 PM   #15
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
Please clarify something for us: are you attempting to create some web page that will allow users to add other users on the host where the browser is running?

To do this, your PHP code would have to make a ssh or telnet connection back to the client host, and using some passwordless root login, execute useradd with proper parameters. Did you hear when you were cautioned about security?

If this is not your intention, then you seem to be confused about how a web server & web browser interact. Any executable launched by the web server will run on the web server host only, and will do so as the user 'apache'. It may leverage some privileges through the use of sudo. This accomplishes the same thing your pseudo-code seems to suggest.

--- rod.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
helping in cgi script that add users to the system adam_blackice Programming 14 04-16-2007 03:41 AM
run cgi script as a user other than apache paul_mat Linux - Software 1 06-02-2006 03:01 PM
trying to add cgi-bin perl script. shizzle Linux - Networking 7 05-19-2005 02:24 AM
Allow user to run their own cgi script samwong Linux - Newbie 5 05-25-2004 11:22 PM
CGI Script add user to redhat 9 djkoe Linux - General 1 02-08-2004 05:20 PM


All times are GMT -5. The time now is 12:36 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration