Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
291 views
in Technique[技术] by (71.8m points)

php - How to make a system call remotely?

I have an app that has to mount a disk on a server. The disk and the server all connected, it just has to use the linux 'mount' command.

I wrote a php that is simply:

<?
exec("/var/www/MountTheDisk.sh");
?>

And I added bash script: MountTheDisk.sh

#!/bin/bash

diskutil mount /dev/xvdb1 /mnt/theDisk/
echo trying to mount

Now, if I run that php, I get no result. Nothing is echo'd and no disk is mounted. How can I run this command remotely? Maybe php is not the best method?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

This solution seems not to work. I don't know why since I havent used SetUID with shell scripts. But I let this answer stay here just in case someone wants to refer to it.

For security reason I would recommand you to put your code into a bash file. Use the SetUID-bit to execute the bash file as root from within any other user. This way your file is not writeable by anyone else than root and you don't need to handle with sudo. Otherwise you allow your php-process to execute code as root which, in most cases, is a very bad idea.

The reason why you don't receive any output is probably because it ask for a password an there is no way for exec to enter one.

Edit: Change your php call to:

<?
exec("/var/www/MountTheDisk.sh");
?>

Than create a bash file (/var/www/MountTheDisk.sh) with some content like this

#!/bin/sh

// this script will be executed as root
diskutil mount /dev/xvdb1 /mnt/theDisk/
echo trying to mount

Now set SetUID bit and change owner to root. (musst be done via root shell)

// make script executable
chmod +x /var/www/MountTheDisk.sh

// setuid bit
chmod u+s /var/www/MountTheDisk.sh

// change owner to root
chown root:root /var/www/MountTheDisk.sh

Note: Any user can run this file. Any call will result in it beeing executed as root.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...