Linux - Server: This forum is for the discussion of Linux Software used in a server related context.
My server is a development server, so I'm trying out some things using some (no groaning) exec()'s in my PHP code. I'm trying to do things step by step so I can fix/secure things as they break - hence the trying to implement a chrooted environment. Basically, I just want to do an exec("my_lcd_program"); to update a little LCD I've got in front of a webcam. However, with lighttpd chrooted, exec() appears to do absolutely nothing - no output, not even errors. I've even tried to execute silly things that don't exist - nada.
However, if I run lighttpd outside of the chroot jail, everything is fine. So I think my problem is a lack of understanding how I need things set up in the chroot environment. I was hoping someone could explain, or reference some documents, manpages, etc. that would help me figure out how I can have a PHP script execute a binary in the chrooted environment. I've also thought it might have something to do with permissions, but I'd su-ed to www-data and can successfully perform the operations I wish while executing PHP code from the command line.
Any tips, suggestions or request for more detailed information would be greatly appreciated, thank you.
I stuck that error_reporting line in - still no output. Any other ideas that could help me figure out why the binary can't be accessed? I've made sure it is accessible by the www-data user (in /webroot/bin, /usr/bin and /bin), which I was pretty sure lighttpd is running under this user.
After doing some more research, I came up with the following, similar post:
So far the binaries I've tried copying around were a program I wrote in C, which probably is dynamically linked to quite a few libraries, and uptime - which I'm guessing is also linked to a few basic things as well. It feels kinda gross to start copying libraries into the chroot environment, so perhaps I'll just make sure to use static linking when I recompile my little program.
I'll play with this for the time being and see how it goes. However, further suggestions, thoughts and comments are still much appreciated.
Using ldd, I found that the program I was trying to execute within PHP uses the following:
linux-gate.so.1 (What exactly is this? I couldn't find it anywhere)
libc.so.6 (on my machine: /lib/tls/i686/cmov/libc.so.6)
/lib/ld-linux.so.2
I copied the two of these that I could find into /webroot/lib and then logged in as root, and entered a chroot environment (/webroot).
I ran my program and got the following error: Cannot open port!
My program sends data to the serial port, at which there's a Parallax 16x2 LCD connected via a MAX232 circuit. I had forgotten to consider that there was no /webroot/dev/ttyS0, so I think this has been my problem. I don't know very much about PHP, but is it possible that I was not seeing any errors since print exec(...) would print the output from STDOUT and not include STDERR?
When I tried to make a symlink to the actual /dev/ttyS0 (isn't this compromising the security of the chroot environment?), I received this error when running my program (which open()'s /dev/ttyS0):
Cannot open port!: Too many levels of symbolic links
For the sake of details, this is how I created the symlink:
ln -s /dev/ttyS0 /webroot/dev/ttyS0
Since I do not understand why this is occurring, I take it I need to read up on how /dev is setup, and how it works. Is there any way I can access /dev/ttyS0 while in a chroot environment? If so, what types of security risks are associated with doing so?
I don't know how you coded your PHP script, but what I know is that exec can return the command result in some ways, maybe you don't see any error 'cause you're not associating its output to a variable or an array, check this.
About granting permissions to a device for a web-app, well, that's not too good, but since this device is just a serial device connected to an LCD display, I don't think it's that bad.
Maybe your worst security risk is your "my_lcd_program", if it has some buffer-overflow fault it can be exploited by some user from your web environment.
So I've gotten my /webroot/dev/ttyS0 squared away - I can chroot into /webroot and run my program to update my LCD, so all the libraries are now there. I've made sure that www-data has access to /webroot/dev/ttyS0, but exec() does absolutely nothing. I've since upgraded to PHP5, but am still having the problem, making me think it's still some chroot or lighttpd/fastcgi issue.
The PHP code is simple for now:
print exec("/usr/bin/p2lcd -1 test --debug")
I've also tried copying libproc into /webroot/lib, and having my test script print the output of uptime - still no output!
Any other ideas as to why exec() and passthru() don't appear to be working? Thank you for your help, it's much appreciated.
[update]
Using lighttpd-1.4.13 by the way - I saw that 1.4.15 has exec() issues, but this version seems to at least work when not chrooted
And the right idea at that! It certainly works for what I need. So I guess now I just have to evaluate whether or not a chroot environment with sh, a PHP script with an exec() and a custom program is really worth running
Thanks FMC, let me know if you have any suggestions regarding any security touch-ups.
Well, if you're so worried about security, you should take a look at a way to isolate every user in his home dir with apache.
The last time I searched for a XMPP (apache modules) for a per-user environment it wasn't stable yet, so I isolated the user with the open_basedir parameter from PHP. You can set a different open_basedir for each site running on apache, have a look at my vhost.conf file:
Code:
<VirtualHost *:80>
    ServerName myvhost.com
    ServerAlias webmail.myvhost.com webmail.*
    DocumentRoot /var/www/webmail/htdocs
    <Directory "/var/www/webmail/htdocs">
        Options Indexes FollowSymLinks
        AllowOverride Limit AuthConfig
        Order allow,deny
        Allow from all
    </Directory>
    php_admin_value open_basedir "/var/www/webmail/"
</VirtualHost>
This prevents a user inside, for example, /var/www/google.com/ from reading documents in /var/www/yahoo.com/ with PHP file handling functions!
I am also having the same problem, i.e. I am using shell_exec to run a Java file from PHP code. I am using the chroot concept; I put Java inside the chroot, even though I am not able to get output with shell_exec because the shell is outside the chroot. If I remove the chroot I lose my security, so please tell me how to use shell_exec under chroot.
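The pieces this thread works through, collected as an added example that is not from any poster: the libraries ldd lists, a real /dev/ttyS0 node instead of a symlink, and a shell inside the jail, because PHP's exec() and shell_exec() start commands through /bin/sh -c. The function names are hypothetical; /webroot and www-data are the thread's values, and the device numbers 4,64 are the kernel's assignment for ttyS0.

```shell
#!/bin/sh
# Added example: populate a chroot with a binary and everything it needs.

# Print absolute paths of the shared objects a binary needs. Entries with no
# path (linux-gate.so.1, linux-vdso.so.1) are mapped in by the kernel, so
# there is no file to copy for them.
list_libs() {
    ldd "$1" 2>/dev/null | awk '
        $2 == "=>" && $3 ~ /^\// { print $3 }   # libc.so.6 => /lib/.../libc.so.6
        $1 ~ /^\//               { print $1 }   # /lib/ld-linux.so.2 (the loader)
    ' | sort -u
}

# Copy one file into the jail at the same absolute path, following symlinks.
copy_into_jail() {
    jail=$1; src=$2
    mkdir -p "$jail$(dirname "$src")" && cp -L "$src" "$jail$src"
}

# Install a binary plus its libraries, e.g. install_binary /webroot /bin/sh
install_binary() {
    jail=$1; bin=$2
    copy_into_jail "$jail" "$bin" || return 1
    for lib in $(list_libs "$bin"); do
        copy_into_jail "$jail" "$lib" || return 1
    done
}

# List what a binary still lacks inside the jail (no output = complete).
missing_in_jail() {
    jail=$1; bin=$2
    for f in "$bin" $(list_libs "$bin"); do
        [ -e "$jail$f" ] || echo "$f"
    done
}

# Root only: create a real character device in the jail. A symlink made with
# "ln -s /dev/ttyS0 /webroot/dev/ttyS0" points at itself once / is /webroot,
# which is the "Too many levels of symbolic links" error.
make_ttyS0() {
    jail=$1
    mkdir -p "$jail/dev" && mknod -m 660 "$jail/dev/ttyS0" c 4 64 &&
        chown root:www-data "$jail/dev/ttyS0"
}
```

Run install_binary for /bin/sh as well as for the program itself, then check both with missing_in_jail before testing exec() from PHP; appending 2>&1 to the command string makes stderr visible to exec().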