0

Currently I'm working on a PHP script that can execute shell commands on a linux root server.

I want to give any user with the right password (htacces) the permission to execute this script (it´s for OpenVPN client creation). When i jump to the plesk interface to execute the PHP script in file data manager, i get an internal server error 500. I already changed the permission of the PHP script to 777 for testing purposes.

I also controlled the php.ini to check if shell_exec/proc_open/exec are on the banned function list.

How can i configure the server/php script to have root permissions on the script?

Is it possible to Log-in with root priviliges when exceuting shell commands with a php script?

Thanks in advance.

Have a nice day.

EDIT: The current code is: 

shell_exec('cd ' . $path-openvpn-ca);
shell_exec('source ./vars');


$descriptorspec = array(
    0 => array("pipe", "r"),  // stdin read by child
    1 => array("pipe", "w"),  // stdout written to by child
    2 => array("file", "error.log", "a") // stderr
);
$process = proc_open($path_openvpn-ca. "/build-key.sh LC_1234", $descriptorspec, $pipes);
if (is_resource($process)) {
    fwrite($pipes[0], PHP_EOL. PHP_EOL. PHP_EOL. PHP_EOL. PHP_EOL. PHP_EOL. PHP_EOL. PHP_EOL. "." . PHP_EOL. "." PHP_EOL. "y" . PHP_EOL. "y". PHP_EOL);
    fclose($pipes[0]);
    $output = $pipes[1]; // $pipes[0] is the input and $pipes[2] is the error output
}
tom318
  • 3
  • 3
  • 1
    "When i jump to the plesk interface to execute the PHP script in file data manager, i get an internal server error 500" - a more detailed error should be in PHP error log: what does that error message say? (your server host should probably give you a way to read the error log) – Piskvor left the building May 13 '19 at 08:23
  • Hello, where can i find that error log? Is there a standard path for it? Thanks in advance – tom318 May 13 '19 at 08:31
  • 1
    You cannot define a variable with a dash caracter. `$path-openvpn-ca` is a substration for php. You have a syntax error in your script, try `php -l ` for checking the syntax – Arno May 13 '19 at 08:53
  • It could be in various places; check out this question: https://stackoverflow.com/questions/5127838/where-does-php-store-the-error-log-php5-apache-fastcgi-cpanel . Also, for development, it might be useful to show the errors directly: https://stackoverflow.com/questions/1053424/how-do-i-get-php-errors-to-display?rq=1 – Piskvor left the building May 13 '19 at 08:54
  • @Arno thanks, i did not notice that. Piskvor thanks, ill check that out. – tom318 May 13 '19 at 09:03
  • I fixed it. The internal server error was because of different syntax errors.. I can now execute my proc_open function to build keys. But the error log (from proc_open pipe2) show the following: sh: 1: /root/openvpn-ca/build-key.sh: Permission denied sh: 1: /root/openvpn-ca/build-key.sh: Permission denied But both the build-key/ php script have 777 permission for testing purpose. – tom318 May 13 '19 at 09:17
  • try `chmod +x /root/openvpn-ca/build-key.sh` – Arno May 13 '19 at 09:58
  • Hello, the permission bug is now fixed! Thanks! But the current error log i get is : /openvpn-ca/build-key.sh: not found - but the path is right. – tom318 May 13 '19 at 10:19
  • You said it was `/root/openvpn-ca/build-key.sh` in your other comment? – Adder May 13 '19 at 11:10
  • This problem is now solved. I will create a new question for another issue. Thanks for your help. – tom318 May 13 '19 at 12:40

0 Answers0