LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 07-26-2011, 05:08 PM   #1
MetaMan
Member
 
Registered: Apr 2011
Distribution: Arch Linux :D
Posts: 50

Rep: Reputation: 0
Question How to run a script on host machine from a webpage


I was wondering if it was possible to run a script (something.sh) on a server when a button on a webpage is pressed. I'm going to have to guess that php is involved...

I already have Apache set up and I will set up php if I have to.

Thanks!
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 07-26-2011, 05:13 PM   #2
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 14,186

Rep: Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468
Quote:
Originally Posted by MetaMan View Post
I was wondering if it was possible to run a script (something.sh) on a server when a button on a webpage is pressed. I'm going to have to guess that php is involved...

I already have Apache set up and I will set up php if I have to.
Thanks!
It is possible, yes. You can either do it with PHP (read up on the exec function), or put it in your cgi-bin directory and run it from there. Going the PHP route would be safer, though, but be warned...what you're suggesting is *NOT* a safe practice. Such scripts are then prime targets for anyone who wants to compromise your system.
 
Old 07-26-2011, 09:10 PM   #3
MetaMan
Member
 
Registered: Apr 2011
Distribution: Arch Linux :D
Posts: 50

Original Poster
Rep: Reputation: 0
Lightbulb What about...

Quote:
Originally Posted by TB0ne View Post
It is possible, yes. You can either do it with PHP (read up on the exec function), or put it in your cgi-bin directory and run it from there. Going the PHP route would be safer, though, but be warned...what you're suggesting is *NOT* a safe practice. Such scripts are then prime targets for anyone who wants to compromise your system.
All I wanted to be able to do was stop a daemon (One command!). I know I could do this with, say, ssh, but I wanted to be able to do is access it from an Android phone. Plus, I don't plan on opening the server to the outside world. Plus plus, I would set up something in the .htaccess file (Or something like that) to password protect the page.

Is it still dangerous?
 
Old 07-27-2011, 03:12 AM   #4
roastinghosting
LQ Newbie
 
Registered: Jul 2011
Posts: 3

Rep: Reputation: Disabled
This is possible as the above posters say by using the PHP system() call. However the problem you will likely run into is that the PHP scripts are executed as the same user that apache runs as (normally www-data). This is will mean that running for example '/etc/init.d/sshd stop' will not work as you require root privileges.

It is however possible to allow the www-data user to run only /etc/init.d/sshd as root. This can be accomplished via sudo.

There's a short tutorial/cheetsheet I wrote years ago on it here: http://www.iclebyte.com/index.php?article=26
 
2 members found this post helpful.
Old 07-27-2011, 08:50 AM   #5
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 14,186

Rep: Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468Reputation: 2468
Quote:
Originally Posted by MetaMan View Post
All I wanted to be able to do was stop a daemon (One command!). I know I could do this with, say, ssh, but I wanted to be able to do is access it from an Android phone. Plus, I don't plan on opening the server to the outside world. Plus plus, I would set up something in the .htaccess file (Or something like that) to password protect the page.

Is it still dangerous?
Again, yes. ANYTIME you execute a script from a web page, you open a potential avenue into your system. roastinghosting summed it up well. It doesn't matter if it's one command, twelve commands, or 64 different scripts called one at a time...the potential risk is there.

Again, yes, you CAN do it. You could write it in Perl, and shove it into your cgi-bin directory, and have the program itself prompt you for a password that's unique, before the process is killed/restarted. That way, you can save a link to the perl script itself (easier to run), and still have it protected (only YOU will know the password to it). Still a BIT unsafe, but possible. Personally, since it's an internal application (assuming you're on a VPN or something similar), I'd invest the $1.99 on an SSH client for your phone, and do a keyswap between it and your server. If this process dies/needs to be restarted on a regular basis, I'd probably set up a user just for that, and put something in the .bashrc that would kill/restart it on login.

Last edited by TB0ne; 07-27-2011 at 12:45 PM.
 
1 members found this post helpful.
Old 07-27-2011, 12:39 PM   #6
MetaMan
Member
 
Registered: Apr 2011
Distribution: Arch Linux :D
Posts: 50

Original Poster
Rep: Reputation: 0
Thanks everyone! I'll try some of your suggestions. Still a bit a research to do, though...
 
  


Reply

Tags
php, script, scripting, scripts, server


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Run My CGI Script from Webpage mykolg Linux - Server 6 01-17-2011 02:17 AM
How to run a script to a remote linux machine from a windows machine squirrel001 Linux - Newbie 5 05-04-2009 06:06 PM
I want to run script on the server from client machine in windows in a perl script vpradeep Linux - Newbie 2 09-01-2008 03:29 AM
prevent users to run the same script at the same time, on the same machine pvpnguyen Programming 2 09-05-2007 08:52 PM
Samba as PDC: can it just run logon script, not host profiles? hamish Linux - Networking 0 09-09-2005 09:44 AM


All times are GMT -5. The time now is 02:33 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration