LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 06-30-2012, 06:48 PM   #1
OtagoHarbour
Member
 
Registered: Oct 2011
Posts: 273

Rep: Reputation: 3
Copying File Between Servers with PHP or Shell Commands


I have a DMZ set up with a web server (Ubuntu 11.04) and an application server (Ubuntu 11.10). I can call php files on one server from the other using LAMP. I have set things up so a user can upload files. The files are uploaded to a folder /var/www/dropbox on the web server. I would like to be able to add php code to copy the files from the web server to the application server. What would be the best way to do this in the PHP code? I could use a shell command and use something like

Code:
exec("Shell command");
but do not know what shell command would be best to use.

Any assistance would be greatly appreciated,
Peter.
 
Old 07-02-2012, 08:04 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,384

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
I would not suggest doing this at all due to the security issues that stem from running arbitrary commands on demand. I would recommend looking at a cron job or something equivalent to push files to their destination asynchronously.
 
1 members found this post helpful.
Old 07-04-2012, 11:20 AM   #3
OtagoHarbour
Member
 
Registered: Oct 2011
Posts: 273

Original Poster
Rep: Reputation: 3
Quote:
Originally Posted by acid_kewpie View Post
I would not suggest doing this at all due to the security issues that stem from running arbitrary commands on demand. I would recommend looking at a cron job or something equivalent to push files to their destination asynchronously.
It seems that Cron is for scheduling tasks. I would want the clients files to be copied pretty well immediately so that they can start processing them with the software I have written. Would there be security issues in my copying using a bash file that anyone can execute but noone had read persmission for? The files would be automatically checked before and after the copy.

Thanks,
Peter.
 
Old 07-04-2012, 07:19 PM   #4
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,261

Rep: Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028
Code:
security issues in my copying using a bash file that anyone can execute but noone had read persmission for? The files would be automatically checked before and after the copy.
If you've got method for auto-checking a shell file for exploits that actually works, I'd very surprised .. I believe the general case is unsolvable.

In any case, a shell file requires read+execute permissions to run directly (eg ./my.sh). You could use
Code:
bash my.sh
which only requires that the sh file be readable.
 
1 members found this post helpful.
Old 07-06-2012, 06:00 AM   #5
OtagoHarbour
Member
 
Registered: Oct 2011
Posts: 273

Original Poster
Rep: Reputation: 3
Quote:
Originally Posted by chrism01 View Post
Code:
security issues in my copying using a bash file that anyone can execute but noone had read persmission for? The files would be automatically checked before and after the copy.
If you've got method for auto-checking a shell file for exploits that actually works, I'd very surprised .. I believe the general case is unsolvable.
Currently the files that are uploaded must be one of two formats. If neither of those formats, the files is rejected.

Quote:
Originally Posted by chrism01 View Post
In any case, a shell file requires read+execute permissions to run directly (eg ./my.sh). You could use
Code:
bash my.sh
which only requires that the sh file be readable.
If I did not want to use a file with read permissions, could I write an executable in C++ and make a system call? If so, what would be the best system call to use?

Thanks,
Peter.
 
Old 07-09-2012, 08:55 PM   #6
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,261

Rep: Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028
Depends on exactly what you want it to do.
A binary executable generated from C code only requires 'x' perm to run.

A script file eg bash, perl etc either requires 'rx' if run directly, or at least 'r' if run by another exe eg '/bin/bash my.sh' or '/usr/bin/perl my.pl'.
IE, the calling exe needs to be able to read the content in order to action it.

To copy files between systems I recommend scp or sftp using ssh-auth-keys for automatic processes.

I'm going to assume that you trust the file contents, obviously...

HTH
 
1 members found this post helpful.
Old 07-09-2012, 09:41 PM   #7
evo2
Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Debian, SL
Posts: 5,196

Rep: Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120
Hi,

I know I'm jumping into this thread a bit late, but I've something to add.
Quote:
Originally Posted by OtagoHarbour View Post
It seems that Cron is for scheduling tasks. I would want the clients files to be copied pretty well immediately so that they can start processing them with the software I have written.
It looks like what you want is actually "incron", which is similar to cron but it performs actions based on filesystem events instead of time(s).

HTH,

Evo2.
 
Old 07-12-2012, 09:43 PM   #8
OtagoHarbour
Member
 
Registered: Oct 2011
Posts: 273

Original Poster
Rep: Reputation: 3
Quote:
Originally Posted by chrism01 View Post
Depends on exactly what you want it to do.
A binary executable generated from C code only requires 'x' perm to run.

A script file eg bash, perl etc either requires 'rx' if run directly, or at least 'r' if run by another exe eg '/bin/bash my.sh' or '/usr/bin/perl my.pl'.
IE, the calling exe needs to be able to read the content in order to action it.

To copy files between systems I recommend scp or sftp using ssh-auth-keys for automatic processes.
I tried

Code:
scp CMakeCache.txt 192.168.1.10:/home/peter/dropbox
and got

Code:
ssh: connect to host 192.168.1.10 port 22: Connection refused
lost connection
When I enter


Code:
sudo ufw status
on 192.168.1.10, I get, among other things,
Code:
To            Action         From
Anywhere      ALLOW          192.168.1.5
I am trying to copy from 192.168.1.5

Quote:
I'm going to assume that you trust the file contents, obviously...

HTH
LOL. Not entirely although they should be from registered users. I plan to have several layers of checks for what is uploaded.

Thanks,
Peter.
 
Old 07-12-2012, 09:46 PM   #9
OtagoHarbour
Member
 
Registered: Oct 2011
Posts: 273

Original Poster
Rep: Reputation: 3
Quote:
Originally Posted by evo2 View Post
Hi,

I know I'm jumping into this thread a bit late, but I've something to add.

It looks like what you want is actually "incron", which is similar to cron but it performs actions based on filesystem events instead of time(s).

HTH,

Evo2.
Thank you for the reply. would that be better than rcp?

Thanks,
Peter.
 
Old 07-12-2012, 10:27 PM   #10
evo2
Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Debian, SL
Posts: 5,196

Rep: Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120Reputation: 1120
Quote:
Originally Posted by OtagoHarbour View Post
Thank you for the reply. would that be better than rcp?
No, you would use it to automatically run a script to copy the files that appear on disk.
The script which does the copying should probably use scp or rsync with ssh. Authentication should be done using rsa public/private keys. rcp is insecure.

Evo2.
 
1 members found this post helpful.
Old 07-14-2012, 03:52 PM   #11
OtagoHarbour
Member
 
Registered: Oct 2011
Posts: 273

Original Poster
Rep: Reputation: 3
Quote:
Originally Posted by evo2 View Post
No, you would use it to automatically run a script to copy the files that appear on disk.
The script which does the copying should probably use scp or rsync with ssh. Authentication should be done using rsa public/private keys. rcp is insecure.

Evo2.
Sorry. I meant to say scp, not rcp.

Thanks,
Peter.
 
  


Reply

Tags
copying, dmz, file operators, lamp, php


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
shell commands with php unknown1 Programming 4 01-12-2010 12:50 PM
executing shell commands in PHP mohtasham1983 Programming 7 09-14-2007 11:04 AM
Executing shell commands through PHP!!! Richtown Linux - Newbie 6 04-12-2006 02:57 PM
Running shell commands thru PHP JonathonReinhart Linux - Software 1 12-23-2005 02:05 AM
[PHP] Sending shell commands from PHP pEeDy Programming 4 11-04-2005 08:06 PM


All times are GMT -5. The time now is 01:23 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration