通过 php 用户对 root 进行 Linux 屏幕管理

发布于 2024-10-28 18:05:16 字数 135 浏览 5 评论 0原文

我想制作一个脚本,可以在 root 用户的 screen 中运行某些内容。这必须通过 php system() 函数完成,因此我需要找到 sudo 到 root 并传递密码的方法,所有这些都使用 PHP。

I want to make a script that would run something in screen on root user. This has to be done through php system() function therefore I need to find out way to sudo to root and pass a password, all using PHP.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

相守太难 2024-11-04 18:05:16

如果您确实需要从 PHP 执行sudo(不推荐),最好只允许特定命令而不需要密码。

例如,如果 PHP 以 apache 用户身份运行,并且您需要运行 /usr/bin/myapp,则可以将以下内容添加到 /etc/ sudoers(或 sudoers 所在的任何地方):

apache ALL = (root) NOPASSWD:NOEXEC: /usr/bin/myapp

这意味着用户 apache 可以在没有密码的情况下以 root 身份运行 /usr/bin/myapp ,但应用程序无法执行任何其他操作。

If you really need to sudo from PHP (not recommended), it's best to only allow specific commands and not require password for them.

For example, if PHP is running as the apache user, and you need to run /usr/bin/myapp, you could add the following to /etc/sudoers (or wherever sudoers is):

apache ALL = (root) NOPASSWD:NOEXEC: /usr/bin/myapp

This means that user apache can run /usr/bin/myapp as root without password, but the app can't execute anything else.

睫毛上残留的泪 2024-11-04 18:05:16

我确信一定有一种比你试图创建的机制更好的方法来完成你想要完成的任何事情。

如果您只想将消息从 php 脚本写入某个地方的单个 screen 会话,请尝试以下操作:

在 php

使用追加写入访问权限打开文件:

$handle = fopen("/var/log/from_php", "wb");

写入您的文件:

fwrite($handle, "Sold another unit to " . $customer . "\n");

在屏幕会话中

tail -F /var/log/from_php

如果您不能在屏幕会话中运行tail,则可以使用write(1)实用程序来编写消息发送到不同的终端。有关此机制的详细信息,请参阅 write(1)mesg(1)。 (我不像日志文件方法那样喜欢它,因为它是持久的并且可以稍后搜索。但我不知道你到底想要完成什么,所以这是另一个可能比< code>tail -F 在日志文件上。)

I'm sure there must be a better way to do whatever it is you're trying to accomplish than whatever mechanism you're trying to create.

If you simply want to write messages from a php script to a single screen session somewhere, try this:

In php

Open a file with append-write access:

$handle = fopen("/var/log/from_php", "wb");

Write to your file:

fwrite($handle, "Sold another unit to " . $customer . "\n");

In your screen session

tail -F /var/log/from_php

If you can't just run tail in a screen session, you can use the write(1) utility to write messages to different terminals. See write(1) and mesg(1) for details on this mechanism. (I don't like it as much as the logfile approach, because that is durable and can be searched later. But I don't know exactly what you're trying to accomplish, so this is another option that might work better than tail -F on a log file.)

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文