PHP 命令未执行 system()、exec() 或 passthru()
我正在尝试使用开放式办公室运行命令行文件转换。
openoffice pdf filename.doc 2>&1
当我以 root 身份在命令行中执行时,它工作正常并且文件被转换。但是,当我以 apache 用户身份在 PHP 文件中传递上述命令时,它不会执行。
我尝试了所有三个 PHP 命令行执行:
$command_output=system($command_line,$rtnval);
$command_output=exec($command_line,$rtnval);
$command_output=passthru($command_line,$rtnval);
另外,
echo print_r($rtnval);
echo print_r($command_output);
$rtnval 返回 1 和 $command_output 1。我很困惑,无法知道 linux (centos) 对上述的响应是什么命令通过。这是非常令人沮丧的,因为当我尝试执行命令时无法知道系统响应什么。
我还添加了 apache 运行 open office 命令的 /etc/suders 权限。
apache ALL:(全部)NOPASSWD:/path/to/openoffice
仍然无法以 apache 用户身份在 PHP 中执行该命令。
作为 apache 用户,我缺少什么 PHP 不执行此命令?
I am trying to run a command line file conversion using open office.
openoffice pdf filename.doc 2>&1
when i execute in command line as root it works fine and the file is converted. However when i pass the above command in a PHP file as apache user, it does not execute.
I tried all three PHP command line execution:
$command_output=system($command_line,$rtnval);
$command_output=exec($command_line,$rtnval);
$command_output=passthru($command_line,$rtnval);
Also,
echo print_r($rtnval);
echo print_r($command_output);
$rtnval returns 1 and $command_output 1. I am confused unable to know what is the linux (centos) response to above command passed. It is very frustration because unable to know what the system response when i try to execute the command.
I also included /etc/suders permission for apache to run the open office command.
apache ALL: (ALL) NOPASSWD: /path/to/openoffice
still the command is not execute in PHP as apache user.
What am i missing for PHP as apache user not to execute this command?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
可能是 openoffice 不在
PATH中。尝试使用完整路径执行它。It could be that openoffice is not in
PATH. Try to execute it with the full path.要像 apache 用户一样运行命令,只需在 shell 中尝试一下:
您会发现自己处于一个非常受限的 shell 中,通常无法从该 shell 中启动 openoffice。确实,它需要很多环境,无论如何完全为apache设置是不安全的。
AFAIK,最好创建一个允许运行您的命令的专用用户(例如常规的“www-runner”用户),然后从 PHP 对其进行“su”。其他安全措施包括对专用用户进行 chroot,或使用 apparmor 来限制允许运行的内容和位置。无论如何,永远不要通过将 www-data 添加到 sudoers 来让 www-data 以 root 身份运行某些东西:这太危险了!
您还可以看看 libapache2-mod-suphp (一个 suid apache 模块,用于以所有者权限运行 php 脚本)。它比专用的 suEXEC apache 野兽更容易使用(http://httpd.apache.org/docs /2.0/suexec.html)。后者确实不是为了快速解决;)
To run your command as if you were the apache user, just try this in a shell:
You will find yourself in a quite restricted shell, from which it is usually not possible to start openoffice. Indeed, it requires a lot of environment, that would be unsafe to completely set up for apache anyway.
AFAIK, better create a dedicated user that is allowed to run your command (eg a regular "www-runner" user), then "su" to it from PHP. Other security measures include chroot'ing the dedidacted user, or using apparmor to limit what and where it is allowed to run. In any case, never let www-data run something as root by adding www-data to the sudoers: this is way too dangerous!
You can also have a look at libapache2-mod-suphp (a suid apache module to run php scripts with the owner permissions).It is easier to use than the dedicated suEXEC apache beast (http://httpd.apache.org/docs/2.0/suexec.html). The latter really is not for a quick fix ;)
您的 apache 中的 php 可能以安全模式或所谓的安全模式运行,其中
system()函数等被禁用。实际上,这个答案假设您所谓的“以 apache 用户身份运行”实际上是在 apache 环境中运行,无论它是什么。
It is possible that your php in apache runs in safe mode or what's it called, in which
system()function and alike are disabled.This answer, actually, assumes that what you call "running as apache user" is in fact running in apache environment, whatever it is.