tags:

views:

332

answers:

2

I don't know what the deal is here…

So I want to run an applescript: sudo osascript myscript.scpt it works fine in the terminal, however when I execute it via PHP's exec(), nothing happens.

The console says no tty present and no askpass program specified ; TTY=unknown ; …

I did my research, and it seems I'm missing the password for the sudo command. I tried a couple different ways to get around this, including:

writing %admin ALL=(ALL) ALL in /ect/sudoers, and proc_open() instead of exec()

none of which seem to be working, consequently driving me CrAzY!

so basically, is there a clear-cut way to get PHP to execute a simple terminal command?

EDIT: to clarify, myscript.scpt is a simple appleScript that changes the onscreen UI (for a larger project). In theory, simply osascript myscript.scpt should be enough, however the sudo is for some reason necessary to invoke some response from the system. If the sudo could be somehow eliminated, I don't think I would be having this permissions problem.

A: 

How about running the PHP script with sudo, and omitting it within the script? That might take care of permissions for child processes, as well.

Matchu
unfortunately, the program is web-based, so the PHP is executed by a command from a remote user
pop850
@pop850 - Mmkay. In that case, running the PHP script with `sudo` would mean running Apache with `sudo` - or, rather, simply granting Apache root capabilities. It sounds dangerous, but, then again, allowing Apache to invoke `sudo` without a password is *exactly* as dangerous. Really, you probably shouldn't be doing whatever you're doing how you're doing it. Can you just give Apache the proper permission to perform the action without needing root access? That should most definitely be possible unless Apache is altering the system somehow, which it *should not do*.
Matchu
@Matchu: exactly how would I grant Apache root capabilities? I have tried `%apache ALL=(ALL) NOPASSWD: ALL`
pop850
@pop850 - I'm not going to say how, since I really, really think it's a bad idea. Allowing Apache to run as root is *only* possibly okay if you're a security expert, and know the deepest intricacies of what you're doing with every single line of code you write. And those people probably would just find a non-root way to get the job done.
Matchu
I agree with you (see my comment on tomit's answer). Currently, I'm working on changing the permissions of the script itself, which would probably be much safer.
pop850
+2  A: 

It sounds like you need to set up passwordless sudo. Try:

%admin ALL=(ALL) NOPASSWD: ALL

Also comment out the following line (in /etc/sudoers via visudo), if it is there:

Defaults    requiretty
tomit
I tried adding this to etc/sudoers, but no dice. I still get "no tty present and no askpass program specified"
pop850
I've updated my answer.
tomit
Did you have any luck commenting out the requiretty line?
tomit
Nope. it wasn't in the file at all.I'm starting to agree with Matchu (below) about all this security stuff. If my system makes it this difficult, it's probably for a good security reason.
pop850
I think that is a wise decision :) Despite me trying to help answer your original question, I do think that using sudo in a webapp has the potential to intoduce a lot of security headaches.
tomit