Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
11-19-2006, 04:43 PM
|
#1
|
Member
Registered: Mar 2006
Distribution: Fedora core, Ubuntu
Posts: 175
Rep:
|
How to run a command remotely
I can run this command successfully over ssh.
#/usr/bin/mplayer [options]
I want to be able to do the same using PHP.
But doing the following inside a php script does not work:
exec("/usr/bin/mplayer [options]");
I know the php's exec() works, since the following worked when I tried it:
exec("echo '/usr/bin/mplayer [options]' > /tvoutput");
So, I concluded that it must be that apache, which my web server runs as must not have permission to run the command /usr/bin/mplayer.
I then added apache to sudoers file.
But then this still doesn't work:
exec("sudo /usr/bin/mplayer [options]");
If I can issue
/usr/bin/mplayer [options]
from an ssh terminal and get the desired effect, I'm just baffled as to why I can't do it via a PHP script.
This is obviously not a PHP issue, since the command is being handed to linux correctly.
Any ideas? Sorry about the long explanation.
Thx.
|
|
|
11-19-2006, 05:02 PM
|
#2
|
Senior Member
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
|
This sounds like SELinux saving you from yourself. To verify check your /var/log/messages or /var/log/audit/audit.log for AVC denied messages. You can also temporarily disable SELinux to test with (as root):
setenforce 0
If it works, then you can re-enable SELinux with:
setenforce 1
You'll either need to create a local policy to enable execution, or check the booleans under menu System->Administration->Security Level and Firewall on the SELinux tab, HTTPD Service. One of the booleans may allow you to do what you are trying to accomplish.
|
|
|
11-19-2006, 05:10 PM
|
#3
|
Member
Registered: Nov 2006
Location: Maine
Distribution: Debian, Ubuntu, Gentoo
Posts: 109
Rep:
|
I'm having EXACTLY the same issue running a shell script from PHP, because the shell script needs to modify some of root's files.
|
|
|
11-19-2006, 05:47 PM
|
#4
|
Member
Registered: Mar 2006
Distribution: Fedora core, Ubuntu
Posts: 175
Original Poster
Rep:
|
Quote:
Originally Posted by macemoneta
This sounds like SELinux saving you from yourself. To verify check your /var/log/messages or /var/log/audit/audit.log for AVC denied messages. You can also temporarily disable SELinux to test with (as root):
setenforce 0
If it works, then you can re-enable SELinux with:
setenforce 1
You'll either need to create a local policy to enable execution, or check the booleans under menu System->Administration->Security Level and Firewall on the SELinux tab, HTTPD Service. One of the booleans may allow you to do what you are trying to accomplish.
|
# setenforce 0
setenforce: SELinux is disabled
|
|
|
11-19-2006, 05:53 PM
|
#5
|
Member
Registered: Mar 2006
Distribution: Fedora core, Ubuntu
Posts: 175
Original Poster
Rep:
|
Quote:
Originally Posted by Tralce
I'm having EXACTLY the same issue running a shell script from PHP, because the shell script needs to modify some of root's files.
|
You may look into modifying the sudoers file to allow a particular user on your system to temporarily run as root.
I think it goes something like this:
your_non_root_user ALL=(root) NOPASSWD: /command/to/run
Although people say it's not advisable to allow a user to run as root, but you can restrict the permission to just a single command as shown above.
|
|
|
11-19-2006, 05:56 PM
|
#6
|
Senior Member
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
|
Quote:
# setenforce 0
setenforce: SELinux is disabled
|
OK, now that you have disabled SELinux, test your code.
|
|
|
11-19-2006, 07:41 PM
|
#7
|
Member
Registered: Mar 2006
Distribution: Fedora core, Ubuntu
Posts: 175
Original Poster
Rep:
|
It wasn't enabled before. That's why I posted the ouput of the command.
|
|
|
11-19-2006, 09:06 PM
|
#8
|
Senior Member
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
|
Sorry, I was distracted. I see that SELinux is disabled.
Last edited by macemoneta; 11-19-2006 at 09:15 PM.
|
|
|
11-20-2006, 02:23 PM
|
#9
|
Member
Registered: Mar 2006
Distribution: Fedora core, Ubuntu
Posts: 175
Original Poster
Rep:
|
Quote:
Originally Posted by macemoneta
Sorry, I was distracted. I see that SELinux is disabled.
|
Thank you for trying.
If you have other ideas, please share.
Is there a way to know if an error message is returned?
tail /var/log/messages shows nothing related to it.
|
|
|
11-20-2006, 02:40 PM
|
#10
|
Senior Member
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
|
Well, if you are running through your web browser, the error logs in /var/log/httpd/ should indicate any errors that were encountered.
|
|
|
11-20-2006, 06:12 PM
|
#11
|
Member
Registered: Mar 2006
Distribution: Fedora core, Ubuntu
Posts: 175
Original Poster
Rep:
|
You're correct. /var/log/httpd/error_log has this
sudo: sorry, you must have a tty to run sudo
After a little searching online, I found out FC6 has added more restrictions to sudo:
Defaults requiretty
I commented that out, and am no longer getting any errors in error_log, although my command still won't run.
I'm one step closer, thanks to you, but not quite there yet.
|
|
|
11-20-2006, 06:26 PM
|
#12
|
Senior Member
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
|
The next question I would have is, are you specifying the display (apache doesn't have one)? For example, if you are sending the video to your TV, the second head on your video card:
...mplayer -display :0.1 ...
|
|
|
11-21-2006, 02:18 AM
|
#13
|
Member
Registered: Mar 2006
Distribution: Fedora core, Ubuntu
Posts: 175
Original Poster
Rep:
|
Quote:
Originally Posted by macemoneta
The next question I would have is, are you specifying the display (apache doesn't have one)? For example, if you are sending the video to your TV, the second head on your video card:
...mplayer -display :0.1 ...
|
I've been using:
DISPLAY=:0.1 /usr/bin/mplayer
instead of your suggestion of:
/usr/bin/mplayer -dispaly :0.1
Anyway, after brooding over a few more hurdles, I finally go it to do what I wanted.
You've been a tremendous help. Not being formally trained in linux is a challenge for me. But with guys like you, and my resilience, it often works out in the end.
|
|
|
All times are GMT -5. The time now is 08:43 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|