LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-24-2011, 08:20 PM   #16
athrin
Member
 
Registered: Mar 2011
Posts: 135

Original Poster
Rep: Reputation: 1

Quote:
Originally Posted by MTK358 View Post
If so, you can make sudo run the dmidecode command for a certain user without asking for a password. Run visudo and add this line:

Code:
username ALL = NOPASSWD: path-to-dmidecode-executable
so i need to add
Code:
username ALL = NOPASSWD: path-to-dmidecode-executable
inside visudo then run the program? do i need to change anything in .sh file or in .php file?
 
Old 04-24-2011, 08:31 PM   #17
MTK358
LQ 5k Club
 
Registered: Sep 2009
Posts: 6,443
Blog Entries: 3

Rep: Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721
Quote:
Originally Posted by athrin View Post
so i need to add
Code:
username ALL = NOPASSWD: path-to-dmidecode-executable
inside visudo then run the program?
I don't understand what that means. visudo is a program that launches a text editor and then confirms the syntax after you exit the editor. It uses the vi editor by default. If you want to use a different editor (nano, for example), do it like this:

Code:
EDITOR=nano visudo
Quote:
Originally Posted by athrin View Post
do i need to change anything in .sh file or in .php file?
Wherever you run "dmidecode", run "sudo" with "dmidecode" as the first argument, instead.

Last edited by MTK358; 04-24-2011 at 08:32 PM.
 
Old 04-24-2011, 08:38 PM   #18
athrin
Member
 
Registered: Mar 2011
Posts: 135

Original Poster
Rep: Reputation: 1
where can i put this?
Code:
username ALL = NOPASSWD: path-to-dmidecode-executable

Last edited by athrin; 04-24-2011 at 09:05 PM.
 
Old 04-24-2011, 09:38 PM   #19
MrCode
Member
 
Registered: Aug 2009
Location: Oregon, USA
Distribution: Arch
Posts: 864
Blog Entries: 31

Rep: Reputation: 148Reputation: 148
Quote:
where can i put this?
Code:
 username ALL = NOPASSWD: path-to-dmidecode-executable
This isn't meant literally; "username" should be replaced with the name of the normal user of the system, and "path-to-dmidecode-executable" should be replaced with the literal path to dmidecode itself (e.g. "/usr/sbin/dmidecode").

It's placed inside the /etc/sudoers file using visudo, which is a special utility made to securely edit /etc/sudoers.

Last edited by MrCode; 04-24-2011 at 09:39 PM.
 
Old 04-24-2011, 11:23 PM   #20
athrin
Member
 
Registered: Mar 2011
Posts: 135

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by MrCode View Post
This isn't meant literally; "username" should be replaced with the name of the normal user of the system, and "path-to-dmidecode-executable" should be replaced with the literal path to dmidecode itself (e.g. "/usr/sbin/dmidecode").

It's placed inside the /etc/sudoers file using visudo, which is a special utility made to securely edit /etc/sudoers.
oh then it like this
Code:
root ALL = NOPASSWD: /var/www/cgi-bin/example.sh
 
Old 04-24-2011, 11:58 PM   #21
micxz
Senior Member
 
Registered: Sep 2002
Location: CA
Distribution: openSuSE, Cent OS, Slackware
Posts: 1,131

Rep: Reputation: 75
athrin:
Remember when you execute a php file it will execute as the user the web server is running as e.g. "apache". So the above sudoers file would for example contain:
Code:
apache ALL = NOPASSWD: /var/www/cgi-bin/example.sh
What your saying here is "let the user apache run example.sh as root without a password prompt"

But I don't know if this is the safest way as it seem like you would want to avoid escalating apache to root even if it's only one command. I like the cron idea the best so far if you don't need real time results.
 
Old 04-25-2011, 12:27 AM   #22
micxz
Senior Member
 
Registered: Sep 2002
Location: CA
Distribution: openSuSE, Cent OS, Slackware
Posts: 1,131

Rep: Reputation: 75
Also be aware the above example will run everything in example.sh as root not just the dmidecode part within. should stick to the the path-to-dmidecode-executable examples above if your going this route.
 
Old 04-25-2011, 02:25 AM   #23
athrin
Member
 
Registered: Mar 2011
Posts: 135

Original Poster
Rep: Reputation: 1
Code:
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now
it got many slot. which one should i fill?
 
Old 04-25-2011, 08:05 AM   #24
MTK358
LQ 5k Club
 
Registered: Sep 2009
Posts: 6,443
Blog Entries: 3

Rep: Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721
Quote:
Originally Posted by athrin View Post
oh then it like this
Code:
root ALL = NOPASSWD: /var/www/cgi-bin/example.sh
That's still not right. Put the path to the dmidecode executable, not the script that runs dmidecode. Then modify the script to run "sudo dmidecode" instead of "dmidecode".

Also, the username should be for the account that the server uses, which might not be root.
 
Old 04-25-2011, 08:07 AM   #25
MTK358
LQ 5k Club
 
Registered: Sep 2009
Posts: 6,443
Blog Entries: 3

Rep: Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721
Quote:
Originally Posted by athrin View Post
it got many slot. which one should i fill?
Anywhere.

But to make it organized, put it under the "User privilege specification" section. (Note that the lines beginning with "#" are ignored, they are just comments for human readers, not some kind of "slots").
 
Old 04-25-2011, 09:29 PM   #26
athrin
Member
 
Registered: Mar 2011
Posts: 135

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by MTK358 View Post
That's still not right. Put the path to the dmidecode executable, not the script that runs dmidecode. Then modify the script to run "sudo dmidecode" instead of "dmidecode".

Also, the username should be for the account that the server uses, which might not be root.
oh well i'm login using root.. so that mean the username is root right? or ip addrs? you said path to dmidecode
so it like this?
Code:
root ALL = NOPASSWD: /var/www/cgi-bin/

Last edited by athrin; 04-25-2011 at 09:35 PM.
 
Old 04-25-2011, 11:46 PM   #27
micxz
Senior Member
 
Registered: Sep 2002
Location: CA
Distribution: openSuSE, Cent OS, Slackware
Posts: 1,131

Rep: Reputation: 75
I sure your web server does not run as root. I think you should wrap your head around sudo before making cut and paste solutions. We are trying to help you understand the tools as well as use them.

1. man sudo
2. look at what user you server is running as? user nobody or most likely apache
3. implement the above suggestions making dmidecode available to the user found in step two via sudo.
4. create your cgi or php script and call it via, "sudo dmidecode".


hope this helps.
 
Old 04-26-2011, 02:59 AM   #28
athrin
Member
 
Registered: Mar 2011
Posts: 135

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by micxz View Post
I sure your web server does not run as root. I think you should wrap your head around sudo before making cut and paste solutions. We are trying to help you understand the tools as well as use them.

1. man sudo
2. look at what user you server is running as? user nobody or most likely apache
3. implement the above suggestions making dmidecode available to the user found in step two via sudo.
4. create your cgi or php script and call it via, "sudo dmidecode".
already tried httpd and apache. didnt work..
i already have sh and php script. =_=

Last edited by athrin; 04-26-2011 at 04:35 AM.
 
Old 04-26-2011, 08:42 AM   #29
MTK358
LQ 5k Club
 
Registered: Sep 2009
Posts: 6,443
Blog Entries: 3

Rep: Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721Reputation: 721
Quote:
Originally Posted by athrin View Post
oh well i'm login using root.. so that mean the username is root right?
No, it doesn't. The server might have its own, separate account.

Quote:
Originally Posted by athrin View Post
you said path to dmidecode
so it like this?
Code:
root ALL = NOPASSWD: /var/www/cgi-bin/


Where do you see "dmidecode" in that path? I sure don't.

Code:
replace-this-with-the-server's-username ALL = NOPASSWD: /usr/sbin/dmidecode
Note that it might not be "/usr/sbin" for all systems. This is for my Arch system.

Last edited by MTK358; 04-26-2011 at 08:45 AM.
 
Old 04-26-2011, 12:31 PM   #30
micxz
Senior Member
 
Registered: Sep 2002
Location: CA
Distribution: openSuSE, Cent OS, Slackware
Posts: 1,131

Rep: Reputation: 75
to find out your server user:
cat httpd.conf | grep User
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] How to execute bash script from web page mustkill Linux - Server 16 05-20-2010 11:01 AM
how i can run bash script on my web? mikejosh Programming 2 04-09-2010 09:59 AM
How do I execute a bash script from a link on a web page? Is there any way to do this digilifellc Linux - Desktop 5 03-10-2010 11:24 AM
How toExecute bash scripts from web interface milescook Linux - Software 3 05-28-2006 08:44 AM
Execute bash commands from web page solomage Linux - Software 1 10-07-2004 10:54 AM


All times are GMT -5. The time now is 11:53 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration