Hi
when i in /var/www/html and run tst.php script by php directly i.e `php tst.php , it is run as we expect, where
tst.php
<?php ls > list ?>

but when i run this file (i.e tst.php) by httpd , "list" file was't created , why?

Have you checked your apache logs yet?

And try to post complete information, like version/distro of Linux, what version apache, php, etc., and any error messages. Saying "wasn't created", doesn't give anyone alot to go on...

And you might want to check the permissions/ownership on the directories/files you're touching, too....make sure the apache user/group can read/write them.

thank you TB0ne
i run on fedora 10
httpd-2.2.10-2.i386
php-5.2.6-5.i386

if script <?php ls > list ?> become <?php ls > /tmp/list ?>, it run well as we expect , but if i make directory in tmp and allow write permission for all for this directory , also "list" file was't created.
and when i see /var/log/httpd/error_log, i find permission denied.

Ok...then it's a permissions problem with where you're trying to write it, as your error clearly indicates. Fix the ownership or permissions on the target.

Unless you're using suphp or something similar the target location to write to needs to be writable by the apache user (because that's who it runs as.) You also might be getting a perm denied because php has been hardened and it isn't allowed to write to that location.

Furthermore, that doesn't look like valid php to me.

Try:

thank you very much TB0ne
but problem still
i make /apache_test directory , owned by apache , and permissions are rwxrwxrwx
and when i run this file "tst.php" by apache which contain <?php `ls>/apache_test/list`?>
also it is appearing in /var/log/httpd/error_log
sh: /apache_test/list: Permission denied

rweaver problem still

Check your logfiles /var/log/messages, /var/log/audit/audit.log. sounds like an SELinux issue. Apache is not allowed to write outside of the areas defined by

semanage fcontext -l |grep http

(run that as root)

as an example, do

cd /var/www
ls -Z

to see the selinux settings there

Hi

Your PHP is still invalid. You aren't writing proper php code which will not execute. Chances are you have php-cli installed. You should be able to from the command line run or whatever file you are using.

Check out shell_exec() Here: http://us2.php.net/manual/en/function.shell-exec.php. Just be careful... Executing shell script from php is just ASKING to get your server compromised if you don't sanitize any user inputs or protect it properly.

I am very confused how your above code would work if you ran it from the CLI since it isn't even php, its bash. You can see it is using the shell /bin/sh to run it in the error:

------------------------------------
Michael Piekarski
Network Engineer
mpiekarski@hostmysite.com
www.hostmysite.com

Maybe your php script is running as cgi by apache, so it wont run under the privileges of user apache. Just execute <? system("whoami"); ?> and see which user the script is running as.