apache-user & root access

Posted by ahmedshaikhm on Server Fault See other posts from Server Fault or by ahmedshaikhm
Published on 2010-01-18T00:45:18Z Indexed on 2010/05/17 12:22 UTC
Read the original article Hit count: 472

Filed under:

apache

|

crontab

|

root

|

php5

I want to develop few scripts in php that will invoke following commands; using exec() function

service network restart

crontab -u root /xyz/abc/fjs/crontab

etc.

The issue is that Apache executes script as apache user (I am on CentOS 5), regardless of adding apache into wheel or doing good, the bad and the ugly group assignment does not run commands (as mentioned above).

Following are my configurations;

My /etc/sudoers

root    ALL=(ALL)       ALL
apache  ALL=(ALL)       NOPASSWD: ALL
%wheel  ALL=(ALL)       ALL
%wheel  ALL=(ALL)       NOPASSWD: ALL

As I've tried couple of combination with sudoer & httpd.conf, the recent httpd.conf look something as follows;

my httpd.conf

User apache
Group wheel

my PHP script

exec("service network start", $a);
print_r($a);

exec("sudo -u root service network start", $a);
print_r($a);

Output

Array
(
    [0] => Bringing up loopback interface:  [FAILED]
    [1] => Bringing up interface eth0:  [FAILED]
    [2] => Bringing up interface eth0_1:  [FAILED]
    [3] => Bringing up interface eth1:  [FAILED]
)
Array
(
    [0] => Bringing up loopback interface:  [FAILED]
    [1] => Bringing up interface eth0:  [FAILED]
    [2] => Bringing up interface eth0_1:  [FAILED]
    [3] => Bringing up interface eth1:  [FAILED]
)

Without any surprise, when I invoke restart network services via ssh, using similar user like apache, the command successfully executes. Its all about accessing such commands via HTTP Protocol. I am sure cPanel/Plesk kind of software do use something like sudoer or something and what I am trying to do is basically possible. But I need your help to understand which piece I am missing?

Thanks a lot!

© Server Fault or respective owner

Related posts about apache

Web site not responding

as seen on Super User - Search for 'Super User'
I have website working fine before. But now its not able to connect to the server(I believe that is the problem). But its strange that the message not able to connect to the server is not coming and its keep connecting... for infinite time. Here is the screenshot. Here are some of the useful… >>> More
SVN Error 403 Forbidden

as seen on Stack Overflow - Search for 'Stack Overflow'
I can't figure this out. I try to import a new project into a svn repository from Netbeans and get 403 Forbidden. I just setup svn on my serverbox today. I can get to it through a browser just fine, though its empty as I haven't imported my project yet. Apache's path for html files is /var/www I… >>> More
How can I setup dependencies for Axis2 / Axiom on Maven2

as seen on Stack Overflow - Search for 'Stack Overflow'
I've tried the following settings on pom.xml to use Axis2 wsdl2code: <dependencies> <dependency> <groupId>org.apache.axis2</groupId> <artifactId>axis2</artifactId> <version>1.5.1</version> </dependency> </dependencies> ... <build> … >>> More
Problem compiling hive with ant

as seen on Stack Overflow - Search for 'Stack Overflow'
I compiling with Solaris 10 SPARC, jdk 1.6 from Sun, Ant 1.7.1 from OpenCSW. I have no problem running hadoop 0.17.2.1 However, I have problem compiling/integrating hive with the error 'cannot find symbol', although I followed the tutorial. I have the hive source code from SVN exactly from tutorial… >>> More
War deployment error related to classloading

as seen on Stack Overflow - Search for 'Stack Overflow'
hello when i am deploying my war file and run it it will give error like org.springframework.instrument.classloading.tomcat.TomcatInstrumentableClassLoader Jan 6, 2011 3:16:04 PM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor servlet.xml Jan… >>> More

Related posts about crontab

/etc/crontab or any user crontab is not being executed

as seen on Server Fault - Search for 'Server Fault'
My server is CentOS 5. When I edit /etc/crontab or edit any user(including root) crontab via "crontab -e" command, it just adds "(system) RELOAD (/etc/crontab)" or "(admin) RELOAD (cron/admin)" in the log. No CMD in the /var/log/cron. Sample entry in /var/log/cron: Aug 10 10:21:33 localhost crontab[31688]:… >>> More
How to execute shell script via crontab?

as seen on Super User - Search for 'Super User'
notify.sh script file looks like: notify-send "hi welcome" my crontab notification for 2 pm: * 14 * * * home/hacks/notify.sh This is very basic queston only.But it wont working. should i configure anything? >>> More
Crontab no error but doesn't execute script

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm trying to execute a shell script from cron on Freebsd. To test wether crontab is working at all, i wrote the line * * * * * echo "Hello" /home/myuser/logile and it work fine. But when trying to execute any script it doesn't do anything, not even an error. (In the script i tried to run is… >>> More
Crontab: cut line to many lines?

as seen on Stack Overflow - Search for 'Stack Overflow'
Hard-to-read-line @daily export sunshine="~/logs/Sunshine-`date '+\%F'`" && export sunshineUrl="http://www.sunshine.net/main/search_results.asp?currency_id=1&min_price=&max_price=50000&country_id=241&region_id=&Submit=Search" && mkdir -p $sunshine && cd… >>> More
Crontab + rails3 + bundler

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm running a crontab that executes a rake task. I'm getting the following error (with MAILTO from crontab): rake aborted! no such file to load -- bundler /Users/Mendel/Sites/misnooit/Rakefile:4 (See full trace by running task with --trace) I'm using rvm with: ruby: ruby 1.9.1p378 rails: Rails… >>> More