像 root 用户一样运行 PHP shell_exec() [英] Run PHP shell_exec() like root user

问题描述

我构建了一个 PHP 应用程序，我在其中为 Linux debian Jessie 创建了命令行功能.一切正常，但我需要能够使用一些命令，如 root 用户.

I building one PHP application where I create command line functionality for Linux debian Jessie. All works fne but I need to be able use some commands like root user.

有没有办法使用 shell_exec() 或类似命令通过 PHP 像 root 用户一样访问?

Is there a way to use shell_exec() or similar command to access like root user via PHP?

这个命令行的想法是让有权访问该服务器的人可以从任何地方或设备通过互联网处理它.

Idea of this command line is to people who have access to that server can handle with it over internet from any place or device.

这是控制台的图像:

推荐答案

以 root 身份通过 PHP 执行命令将使您对各种恶意黑客敞开大门.

Executing commands as root via PHP will leave yourself wide open to all sorts of malicious hackery.

查看sudo"文档.

您应该能够将您需要的所有命令设置为sudo"脚本.编写功能有限的特定脚本比暴露底层特权命令要好得多.

You should be able to set up all the commands you need as "sudo"able scripts. It is much better to write specific scripts with limited functions than to expose the underlying priviledged command.

如:

exec ('sudo getCurrentUser.sh')

首先，您需要将 PHP 用于运行的用户(大多数情况下是 www-data)添加到 sudo 组，如果尚未分配.

First, you need to add the user that PHP is using to run (most of the time it is www-data) to the sudo group if it is not already assigned.

然后，在您的 php 文件中:

Then, in your php file:

使用sudo -S，这样你就可以通过echo传递密码

use sudo -S, so you can pass the password via echo

$exec = "echo your_passwd | /usr/bin/sudo -S your command";
exec($exec,$out,$rcode);

如果您遇到路径问题 - 使用

if you have trouble with the paths - use

"bash -lc 'echo your_passwd | /usr/bin/sudo -S your command'"

所以你会得到一个新的 bash，它就像一个登录 shell 并设置了路径

so you get a new bash that acts like a login shell and has the paths set

这篇关于像 root 用户一样运行 PHP shell_exec()的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！