PHP calls to external programs all fail with exit code 127

Question

echo system("/usr/bin/whoami", $ret);
echo $ret;

PHP 4.3.9 on Apache 2.0.52, CentOS 4.5. Safe mode is off, I can run programs as the apache user account from the command line, but all programs run from PHP fail with exit code 127.

Answer 1

• See if /usr/bin/whoami exists, and is executable (and readable, mode xx5) by anyone.
• See php.ini on doc_root and user_dir, if those are set they can limit what you can execute.
• If your Apache or PHP is chrooted, you need to put the application to execute into the chroot.
• If there's some other security system or RBAC running on the machine, see dmesg or log files in /var/log/.
• Don't forget to use &$ret instead of $ret.
• See PHP's exec() and passthru(), different functions might work for different situations.
• Know that there's a different php.ini for Apache, and a different one for cli use.