LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 04-21-2023, 03:47 PM   #1
pizzipie
Member
 
Registered: Jun 2005
Location: Hayden, ID
Distribution: Ubuntu 20.04
Posts: 415

Rep: Reputation: 10
how to run gocryptfs from php script in Firefox


Using Ubuntu 20.04

I can run gocryptfs with exec() from the command line and it works fine. If I try to use the same php script from Firefox it won't work. Here are the particulars.

script myexec.php:
Code:
// begin php:

$output1=$retval1=$output2=$retval2=null;

exec('whoami', $output1, $retval1); 
exec('gocryptfs -allow_other acctsEncrypted accounts', $output2, $retval2);

echo "one .....";
print_r($output1);

echo "two .....";
print_r($output2);

// end php:
// =================================================

From Command Line running script myexec.php:

command: rick@rick-MS-7C02:~/DBases/Dbmysql/aa_SecureDir$ php -f myexec.php

output:
Password:
one .....Array
(
[0] => rick // ========== > owner - rick
)
two .....Array
(
[0] => Decrypting master key
[1] => The option "-allow_other" is set. Make sure the file permissions protect your data from unwanted access.
[2] => Filesystem mounted and ready.
)



// ======================================================

From Firefox running script myexec.php:

command: exec('whoami', $output1, $retval1);
output: one..... Array ( [0] => www-data ) // ============ > owner www-data

command: exec('gocryptfs -allow_other acctsEncrypted accounts', $output2, $retval2);
output: two .....Array ( )

permissions:
-rwxrwxrwx 1 rick www-data 664 Apr 21 11:26 myexec.php* // ============= > rick & www-data have permission
-r-------- 1 rick www-data 385 Apr 16 15:09 gocryptfs.conf // ========== > only rick can read

Apache2 error.log
Cannot open config file: open /home/rick/DBases/Dbmysql/aa_SecureDir/acctsEncrypted/gocryptfs.conf: permission denied
[Fri Apr 21 11:41:47.701666 2023] [authz_core:debug] [pid 2719946] mod_authz_core.c(817): [client 127.0.0.1:60894] AH01626:

if I change group permission to r or rw or rwx output is:
two .....Array ( [0] => Reading Password from stdin ) ===== > is shown on screen.

Thanks in advance for help in making this work.

R
 
Old 04-21-2023, 04:14 PM   #2
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 4,479
Blog Entries: 1

Rep: Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695
No need to encrypt data you wish to publish on internet.
 
Old 04-21-2023, 08:49 PM   #3
pizzipie
Member
 
Registered: Jun 2005
Location: Hayden, ID
Distribution: Ubuntu 20.04
Posts: 415

Original Poster
Rep: Reputation: 10
Thanks for the reply.

Quote:
No need to encrypt data you wish to publish on internet.
I am not publishing to the internet. I want to protect my data from someone who might snoop. Say I lost the computer or it was stolen.

Also, to satisfy my own curiosity, I want to know how to make this work!

R

Last edited by pizzipie; 04-21-2023 at 08:51 PM.
 
Old 04-22-2023, 12:34 AM   #4
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 4,479
Blog Entries: 1

Rep: Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695
You have to provide the password to `gocryptfs`. You might want to try option `passfile`.
https://github.com/rfjakob/gocryptfs...ion/MANPAGE.md
 
Old 04-23-2023, 07:28 AM   #5
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 4,479
Blog Entries: 1

Rep: Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695
Also you can test your script as `www-data`, see here: https://lzsiga.users.sourceforge.net/ekezet.html#Q0228 (in Hungarian, use some translator program)
 
Old 04-23-2023, 11:46 AM   #6
pizzipie
Member
 
Registered: Jun 2005
Location: Hayden, ID
Distribution: Ubuntu 20.04
Posts: 415

Original Poster
Rep: Reputation: 10
I tried gocryptfs -passfile ..... and again on command line the accounts.sh works but from Firefox with running php script in won't. It must be some quirky permission thing that I can't figure out?

R
 
Old 04-23-2023, 12:19 PM   #7
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 4,479
Blog Entries: 1

Rep: Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695Reputation: 1695
Become `www-data` user and run tests with php-cli. (And directly with gocryptfs.)

A note: it is not `Firefox` that runs php scripts, it's `apache httpd`.

Last edited by NevemTeve; 04-23-2023 at 02:55 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How to encrypt files with gocryptfs on Linux LXer Syndicated Linux News 0 08-17-2019 10:11 AM
LXer: How to Encrypt Files with Gocryptfs LXer Syndicated Linux News 0 03-07-2019 11:30 AM
[SOLVED] gocryptfs installaton schnappi Linux - Software 8 05-25-2017 07:36 PM
LXer: SiriKali GUI Front End To Manage ecryptfs, cryfs, gocryptfs, securefs and encfs Encrypted Folders LXer Syndicated Linux News 0 03-02-2017 07:33 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 02:59 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration