Welcome to WebmasterWorld Guest from 54.224.50.28

Forum Moderators: bakedjake

Message Too Old, No Replies

Executing system function from web interface

just click a link on the browser & execute system functions eg reboot

     
1:26 pm on Jul 5, 2004 (gmt 0)

New User

10+ Year Member

joined:July 5, 2004
posts:6
votes: 0


Hello all,

I am using a mandrakke 9.1 ,with php 4.3.1 and apache 2.0 installed.

What I will like to do is to be able to click a link on the browser and be able to execute a system function like shutdown or reboot.

Every other configuration issue is okay but just remaining the above . Can somebody please explain what I need to do in order to be able to perform the task?

Ibrahim

4:15 pm on July 5, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 28, 2003
posts:366
votes: 0


Heh, depends how you want to go about it...

You can write a perl script and use that as a cgi on your webserver to perform these tasks, but the problem is that you need to be root (or wheel/operator group will work for some OSes), and the webserver typically runs as the user "www", not root, or any of those. The solution is to create a setuid (setuid man page [freebsd.org]) bit perl script to run as root, but I know that Apache has some safeguards against running setuid CGIs, and perl is a little tricky on some OSes, so it won't let you run setuids, and also, your system may be running in such a way that it won't run setuid programs (it's often a mount option).

The other way I've done things in the past is to give the "www" user a real shell and home directory, and so on... This is for use with PHP, rather than CGIs. It's definitely not recommended. Once the www user has a shell and home dir, it can many more things that it couldn't do before. for example, this is one way of getting php to run the "reboot" command:

click link, which brings you to "reboot.php"
reboot.php has a "passthru" or "exec" or "system" command which executes a custom-built setuid binary file in its home dir, called "shutphp.bin"
this shutphp.bin file is basically a wrapper, that is a basic "C" file, that looks like this (includes are probably wrong, but you get the idea).

#include <stdio.h>
#include <stlib.h>

void main() {
setuid(0);
setgid(0);
exec("/usr/sbin/reboot");
}

compile that c file with gcc (gcc -o shutphp.bin shutphp.c).
It's tricky, and it's dangerous. That's one way I've done things before, on boxes that I don't really care about.

I'm assuming since you want to reboot and so on, that you it's your own machine, so all of this may be possible.

You best bet, though, is to install something like Webmin [webmin.com ]. I've always found that hacking and slashing things like that are fun, because they teach many different things, but they're rarely practical or wise to implement.

HTH,
MM

6:15 pm on July 5, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 12, 2002
posts:885
votes: 0


Another option that might be slightly safer than writing your own suid binary would be to set up sudo so that your www-data user is allowed to run the 'shutdown' program. Then you can set up a Perl or PHP script to run 'sudo shutdown -r now' instead of 'shutdown -r now', and have the same effect.

This solution still involves an suid binary, specifically the 'sudo' program, but at least 'sudo' is a publicly available program whose source code is scrutinized by lots of people who have a good idea how to write such a thing safely.

8:31 pm on July 5, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 28, 2003
posts:366
votes: 0


Ha! Excellent idea!

Hadn't considered that. ;)

Good idea -- way better than building your own c/setuid apps. :)

10:25 pm on July 5, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Feb 13, 2003
posts:590
votes: 0


Doesn't Webmin [webmin.com] offer exactly such an option?

And isn't Webmin free?

11:21 am on July 6, 2004 (gmt 0)

New User

10+ Year Member

joined:July 5, 2004
posts:6
votes: 0


Thanks everbody for your various contributions.

I have tried the sudo suggestion but the result is the same , still not executing. May be I am still getting one or two things wrong.

I check my phpinfo() and it says I am not in save mode , so I need not bother putting my executable files in save_mode_exec_dir directory. Infact save_mode_exec_dir
directory is not defined in my phpinfo().

my reboot.php file which I provide a clickable link to on the web interface is as follows :

<?php
exec("/sbin/shutdown -r now")
?>


nb: my shutdown is in /sbin directory

and the relevant content of my /etc/sudoers file is as follows:
.....

root ALL=(ALL) ALL
apache ALL=/sbin/shutdown,/var/www/html/web/myphp/reb.php NOPASSWD


Please, what am I doing wrong or what Have I left undone,maybe in apache or any other neccessary area.The above are all my steps so far. Thanks once again.

-Ibrahim

8:20 am on July 9, 2004 (gmt 0)

New User

10+ Year Member

joined:July 5, 2004
posts:6
votes: 0


Hello All,

Please, I am still expecting responses from my last reply/post on the above subject which has been proving very difficult to solve for me.I want to know if I am on the right track and wwhat is it I am likely doing that is not correct

Thans for your anticipated hand of help.

Ibrahim

3:35 pm on July 9, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 12, 2002
posts:885
votes: 0


Sorry for the delay, Ibrahim. I don't seem to be on here nearly as much as I used to be. Anyway, I think that this is your problem:
<?php
exec("/sbin/shutdown -r now")
?>

You configured 'sudo', but you aren't invoking it. You'll want to change the exec call to:

<?php
exec("/usr/bin/sudo /sbin/shutdown -r now")
?>
11:44 am on July 12, 2004 (gmt 0)

New User

10+ Year Member

joined:July 5, 2004
posts:6
votes: 0


Thanks dingman and others,

The sudo thing was really an oversight.Thanks for the reminder. But after making the correction , I could still not successfully reboot the system by clicking a link from the web interface.

The html link code that should execute the reboot.php script after clicking on it is as follows:

<td><div align="center"><a href="reboot.php">
Reboot</div></td>

The reboot.php is now as follows:

<?php
exec("/usr/bin/sudo /sbin/shutdown -r now")
?>

Thanks.

Ibrahim

4:14 pm on July 12, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 28, 2003
posts:366
votes: 0


apache ALL=/sbin/shutdown,/var/www/html/web/myphp/reb.php NOPASSWD

Is the user that run apache actually named apache, or is it www?

Also, try using the "passthru" function rather than exec. That way, you'll get all of the output right away.

[ca3.php.net ]

8:00 am on July 14, 2004 (gmt 0)

New User

10+ Year Member

joined:July 5, 2004
posts:6
votes: 0


I got the problem solved eventually. Great thanks to everbody who contributed to this thread.I wouldn't have been able to solve it without your various support and suggestions .Thank you very much.

apache is really the user for Apache webserver and not www on Mandrake 9.1

The problem I was having was with my sudo configuration/syntax

Initially,I was using this:
apache ALL=/sbin/shutdown,/var/www/html/web/myphp/reb.php NOPASSWD

But when I changed to the following , everything became okay :

apache ALL = (root) NOPASSWD: /sbin/shutdown

I had to read up materials on sudo again to understand the usage of NOPASSWD option.

My php file is as before and worked with both exec and passthru functions.

Thanks to all of you once again.

Ibrahim

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members