I have asked this question before but with not much success. I guess i was confused and did not put my question properly. So here it goes again.
Some points before i begin:
- I am running FC 14
- I did not install apache manually ... used yum
- safe mode in PHP is turned OFF
Basically I want to execute ping command and show the results on the PHP page. The code I use is
<?php
$who = shell_exec('whoami');
$result1 = shell_exec("/webserver_commands/ping -c 4 www.google.com");
exec("ping -c 4 www.google.com",$result2);
echo $who;
echo "<br/>".$result1;
echo "<br/>".$result2;
?>
The Output I get is
apache
Array
So I know the scripts are being run as the user 'apache'
In the apache log I see the following lines
sh: /webserver_commands/ping: Permission denied
ping: icmp open socket: Permission denied
I have made sure the directory /webserver_commands/ and the file ping in it are owned by the user apache of the group apache
917506 drwxrwxrwx. 2 apache apache 4096 Feb 4 18:29 webserver_commands
917507 -rwxrwxrwx. 1 apache apache 43448 Feb 4 18:29 ping
Any ideas what could be going wrong here ?
thank you, -ankit
if you want to display $result2 you need to implode it. exec() puts its output into the second argument as an array. So
Or echo, whatever your preference
As for ping, its not working because it lost the setuid bit when you copied it. You need to do
apacheuser does not have sufficient rights to send ICMP packets, consider using Net_Ping library from PEAR instead. If you are using Debian it can be installed usingapt-get install php-net-pingOne potential cause is that
pingis by design a root-only command so, in order to execute it from non-root users, many distributions have the setuid bit set on 'ping'; however, conversely, many do not - this may include FC14If ping does not have the setuid bit set, and if you are willing to open up this potential (but unlikely) security hole you can
chmod u+son ping to allow it to be executed from any user.