LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-17-2007, 02:15 PM   #1
christopher_c
Member
 
Registered: Sep 2007
Posts: 61

Rep: Reputation: 15
How to run apache as root


I am aware of the vulnerabilities of doing so, although I am trying to find out how I can run apache root so I can add users through PHP using shell_exec.

TY
 
Old 10-17-2007, 02:29 PM   #2
The_JinJ
Member
 
Registered: Apr 2004
Location: Scotland
Distribution: Suse, OpenWRT
Posts: 299

Rep: Reputation: 30
Could you use sudo?
 
Old 10-17-2007, 02:57 PM   #3
christopher_c
Member
 
Registered: Sep 2007
Posts: 61

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by The_JinJ View Post
Could you use sudo?
hmm, well, i tried doing:
Code:
<?php

echo shell_exec('whoami');

?>
and got

Code:
apache
as the result.


I then tried doing
Code:
<?php

echo shell_exec('sudo echo hello');

?>
and just got a blank page ><

I tried setting sudo priveleges in etc/sudoers by adding

Code:
apache ALL=(ALL) ALL
but still nothing ><


Any ideas what is wrong?
 
Old 10-17-2007, 04:01 PM   #4
The_JinJ
Member
 
Registered: Apr 2004
Location: Scotland
Distribution: Suse, OpenWRT
Posts: 299

Rep: Reputation: 30
Guess it could be a path problem? What does the error log say?
 
Old 10-17-2007, 05:01 PM   #5
christopher_c
Member
 
Registered: Sep 2007
Posts: 61

Original Poster
Rep: Reputation: 15
i checked my log when i tried running the script that had the code and got the following error :

Code:
Oct 17 19:42:54 localhost sudo(pam_unix)[19054]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=apache
 
Old 10-17-2007, 05:08 PM   #6
The_JinJ
Member
 
Registered: Apr 2004
Location: Scotland
Distribution: Suse, OpenWRT
Posts: 299

Rep: Reputation: 30
Think you may need to set the allowable commands in sudoers?

http://www.gratisoft.us/sudo/man/sudoers.html#examples

EDIT

You have already doh! Ignore above

Last edited by The_JinJ; 10-17-2007 at 05:11 PM.
 
Old 10-17-2007, 05:16 PM   #7
The_JinJ
Member
 
Registered: Apr 2004
Location: Scotland
Distribution: Suse, OpenWRT
Posts: 299

Rep: Reputation: 30
Just a thought - did you use visudo to edit sudoers?
 
Old 10-17-2007, 08:53 PM   #8
christopher_c
Member
 
Registered: Sep 2007
Posts: 61

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by The_JinJ View Post
Just a thought - did you use visudo to edit sudoers?

I was reading up on the /etc/sudoers file and how they say you MUST use visudo, but if I recall I didnt use it and just used Vi.

Although i might have gone back and went in through visudo...

Would that potentially be the prob?
 
Old 10-17-2007, 08:54 PM   #9
jonwatson
Member
 
Registered: Jun 2004
Location: Nova Scotia, Canada!
Distribution: Ubuntu
Posts: 170

Rep: Reputation: 30
Quote:
Originally Posted by christopher_c View Post
hmm, well, i tried doing:
Code:
<?php

echo shell_exec('sudo echo hello');

?>
and just got a blank page ><
I think that's probably predictable. Sudo should prompt you for a password and since you cannot see or answer that prompt, I'm not surprised it bailed.

I have a friend working on something similar. If I remember, I'll ask him how he's doing it.
 
Old 10-18-2007, 12:20 AM   #10
christopher_c
Member
 
Registered: Sep 2007
Posts: 61

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by jonwatson View Post
I think that's probably predictable. Sudo should prompt you for a password and since you cannot see or answer that prompt, I'm not surprised it bailed.

I have a friend working on something similar. If I remember, I'll ask him how he's doing it.
That would be great help
 
Old 10-18-2007, 01:14 AM   #11
The_JinJ
Member
 
Registered: Apr 2004
Location: Scotland
Distribution: Suse, OpenWRT
Posts: 299

Rep: Reputation: 30
Quote:
Originally Posted by christopher_c View Post
I was reading up on the /etc/sudoers file and how they say you MUST use visudo, but if I recall I didnt use it and just used Vi.

Although i might have gone back and went in through visudo...

Would that potentially be the prob?
visudo checks for syntax errors amongst other stuff
Have a look at the NOPASSWD option
ALso noticed the posix_setuid option in the PHP manual - may be an option - but they are all so insecure
 
Old 10-18-2007, 12:03 PM   #12
christopher_c
Member
 
Registered: Sep 2007
Posts: 61

Original Poster
Rep: Reputation: 15
Code:
echo shell_exec("sudo echo hello");
output: hello


it works!

To be honest, im not 100% sure how it started working, I think there might have been an error in my sudoers file. I went back and used the visudo command and very precisely followed this link http://www.techenclave.com/forums/th...mmand-839.html
to give proper permissions and commands to run.

Thanks again guys, many thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
why lftp command run failed when user isn't root, but ok when logining as root steven_yu Linux - Software 0 06-06-2007 09:36 PM
Is a script, run at boot time from init.d, run with root authority? tmbrwolf53 Linux - Server 2 03-31-2007 09:15 PM
I have to ssh -l root to run root processes!? paul.nel Red Hat 3 11-15-2004 12:55 PM
Can only run apache from root? apc Linux - Software 2 07-29-2004 02:35 AM
to run apache as root ! consta Linux - Hardware 4 08-07-2003 04:48 AM


All times are GMT -5. The time now is 08:21 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration