tags:

views:

332

answers:

2
Q: 

sudo in php exec()

I don't know what the deal is here…

So I want to run an applescript: sudo osascript myscript.scpt it works fine in the terminal, however when I execute it via PHP's exec(), nothing happens.

The console says no tty present and no askpass program specified ; TTY=unknown ; …

I did my research, and it seems I'm missing the password for the sudo command. I tried a couple different ways to get around this, including:

writing %admin ALL=(ALL) ALL in /ect/sudoers, and proc_open() instead of exec()

none of which seem to be working, consequently driving me CrAzY!

so basically, is there a clear-cut way to get PHP to execute a simple terminal command?

EDIT: to clarify, myscript.scpt is a simple appleScript that changes the onscreen UI (for a larger project). In theory, simply osascript myscript.scpt should be enough, however the sudo is for some reason necessary to invoke some response from the system. If the sudo could be somehow eliminated, I don't think I would be having this permissions problem.

A: 

How about running the PHP script with sudo, and omitting it within the script? That might take care of permissions for child processes, as well.

Matchu  2010-07-03 23:34:30
unfortunately, the program is web-based, so the PHP is executed by a command from a remote user
pop850  2010-07-03 23:43:27
@pop850 - Mmkay. In that case, running the PHP script with `sudo` would mean running Apache with `sudo` - or, rather, simply granting Apache root capabilities. It sounds dangerous, but, then again, allowing Apache to invoke `sudo` without a password is *exactly* as dangerous. Really, you probably shouldn't be doing whatever you're doing how you're doing it. Can you just give Apache the proper permission to perform the action without needing root access? That should most definitely be possible unless Apache is altering the system somehow, which it *should not do*.
Matchu  2010-07-04 01:12:45
@Matchu: exactly how would I grant Apache root capabilities? I have tried `%apache ALL=(ALL) NOPASSWD: ALL`
pop850  2010-07-04 02:42:15
@pop850 - I'm not going to say how, since I really, really think it's a bad idea. Allowing Apache to run as root is *only* possibly okay if you're a security expert, and know the deepest intricacies of what you're doing with every single line of code you write. And those people probably would just find a non-root way to get the job done.
Matchu  2010-07-04 05:13:28
I agree with you (see my comment on tomit's answer). Currently, I'm working on changing the permissions of the script itself, which would probably be much safer.
pop850  2010-07-04 12:21:14
+2  A: 

It sounds like you need to set up passwordless sudo. Try:

%admin ALL=(ALL) NOPASSWD: ALL

Also comment out the following line (in /etc/sudoers via visudo), if it is there:

Defaults    requiretty
tomit  2010-07-03 23:46:16
I tried adding this to etc/sudoers, but no dice. I still get "no tty present and no askpass program specified"
pop850  2010-07-04 01:18:58
I've updated my answer.
tomit  2010-07-04 01:56:24
Did you have any luck commenting out the requiretty line?
tomit  2010-07-04 03:50:10
Nope. it wasn't in the file at all.I'm starting to agree with Matchu (below) about all this security stuff. If my system makes it this difficult, it's probably for a good security reason.
pop850  2010-07-04 12:19:19
I think that is a wise decision :) Despite me trying to help answer your original question, I do think that using sudo in a webapp has the potential to intoduce a lot of security headaches.
tomit  2010-07-04 14:35:03

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases