如何远程进行系统调用? [英] How to make a system call remotely?
问题描述
我有一个应用程序必须在服务器上挂载磁盘。磁盘和服务器全部连接,它只需要使用linux'mount'命令。
I have an app that has to mount a disk on a server. The disk and the server all connected, it just has to use the linux 'mount' command.
我写了一个简单的php:
I wrote a php that is simply:
<?
exec("/var/www/MountTheDisk.sh");
?>
我添加了bash脚本:MountTheDisk.sh
And I added bash script: MountTheDisk.sh
#!/bin/bash
diskutil mount /dev/xvdb1 /mnt/theDisk/
echo trying to mount
现在,如果我运行那个php,我没有结果。没有回声,没有安装磁盘。如何远程运行此命令?也许php不是最好的方法?
Now, if I run that php, I get no result. Nothing is echo'd and no disk is mounted. How can I run this command remotely? Maybe php is not the best method?
推荐答案
这个解决方案似乎不工作。我不知道为什么,因为我没有使用SetUID与shell脚本。
为了安全起见,我建议你把你的代码转换为bash文件。使用 SetUID位从任何其他用户以root身份执行bash文件。这样,您的文件不能由root以外的任何人写入,您不需要使用sudo处理。否则你允许你的php进程以root身份执行代码,在大多数情况下,这是一个非常糟糕的主意。
For security reason I would recommand you to put your code into a bash file. Use the SetUID-bit to execute the bash file as root from within any other user. This way your file is not writeable by anyone else than root and you don't need to handle with sudo. Otherwise you allow your php-process to execute code as root which, in most cases, is a very bad idea.
你没有收到任何输出的原因是
The reason why you don't receive any output is probably because it ask for a password an there is no way for exec to enter one.
编辑:
更改您的php调用(可能是因为它要求输入密码)到:
Change your php call to:
<?
exec("/var/www/MountTheDisk.sh");
?>
比如创建一个bash文件(/var/www/MountTheDisk.sh) / p>
Than create a bash file (/var/www/MountTheDisk.sh) with some content like this
#!/bin/sh
// this script will be executed as root
diskutil mount /dev/xvdb1 /mnt/theDisk/
echo trying to mount
SetUID位并将所有者更改为root。 (musst通过root shell完成)
Now set SetUID bit and change owner to root. (musst be done via root shell)
// make script executable
chmod +x /var/www/MountTheDisk.sh
// setuid bit
chmod u+s /var/www/MountTheDisk.sh
// change owner to root
chown root:root /var/www/MountTheDisk.sh
注意:可以运行此文件。任何调用将导致它以root身份执行。
Note: Any user can run this file. Any call will result in it beeing executed as root.
这篇关于如何远程进行系统调用?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
