以特定用户身份从 PHP 运行命令行应用程序
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/6913403/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Running command-line application from PHP as specific user
提问by Tak
I am running Apache on my localhost. From a PHP script run as www-user I would like to control Rhythmbox playback on my machine. So far I have a simple command in my PHP script:
我在我的本地主机上运行 Apache。从以 www-user 身份运行的 PHP 脚本,我想控制我的机器上的 Rhythmbox 播放。到目前为止,我的 PHP 脚本中有一个简单的命令:
exec('rhythmbox-client --pause');
exec('rhythmbox-client --pause');
This works great when I run it from the command-line as me, but if it runs as www-user I guess rhythmbox-clientdoesn't know/can't access my instance of Rhythmbox.
当我像我一样从命令行运行它时,这很有效,但是如果它以 www-user 身份运行,我想我rhythmbox-client不知道/无法访问我的 Rhythmbox 实例。
Is there an easy way for that PHP script to run as my user rather than www-user, or to tell rhythmbox-clientwhich instance to control?
该 PHP 脚本是否有一种简单的方法可以作为我的用户而不是 www-user 运行,或者告诉rhythmbox-client要控制哪个实例?
The overall application is that when my phone goes off-hook it calls my PHP script which pauses music, and resumes playback when the phone is on-hook. I love VoIP phones!
整个应用程序是,当我的电话摘机时,它调用我的 PHP 脚本,暂停音乐,并在电话挂机时恢复播放。我喜欢 VoIP 电话!
Solution:Thanks to Carpetsmoker and Tarek I used sudoas the answer but there was a couple of problems. To overcome them I did the following:
解决方案:感谢 Carpetsmoker 和 Tarek,我将其sudo用作答案,但存在一些问题。为了克服它们,我做了以下事情:
Created a bash script to call rhythmbox-client. This bash script was executed using sudoin PHP as described in the answer below. Unfortunately rhythmbox-clientdidn't know what environment to control, so the bash script looks like this:
创建了一个 bash 脚本来调用rhythmbox-client. 这个 bash 脚本是sudo在 PHP中执行的,如下面的答案中所述。不幸的rhythmbox-client是不知道要控制什么环境,所以 bash 脚本如下所示:
#! /bin/bash
DBUS_ADDRESS=`grep -z DBUS_SESSION_BUS_ADDRESS /proc/*/environ 2> /dev/null| sed 's/DBUS/\nDBUS/g' | tail -n 1`
if [ "x$DBUS_ADDRESS" != "x" ]; then
export $DBUS_ADDRESS
/usr/bin/rhythmbox-client --pause
fi
Now that bash script can be executed by PHP and wwwuser, and my phone can pause/play my music!
现在那个 bash 脚本可以被 PHP 和 wwwuser 执行,我的手机可以暂停/播放我的音乐!
回答by Martin Tournoij
One solution is using sudo(8):
一种解决方案是使用sudo(8):
exec('sudo -u myuser ls /');
You will, obviously, need to setup sudo(8)to allow the user running your webserver to invoke it. Editing the sudoers file with visudo(8), you can use something like:
显然,您需要进行设置sudo(8)以允许运行您的网络服务器的用户调用它。使用 编辑 sudoers 文件visudo(8),您可以使用以下内容:
wwwuser ALL=/usr/bin/rhythmbox-client
To prevent Apache from being able to run other commands and onlythe rythymbox command.
防止 Apache 能够运行其他命令并且只能运行rythymbox 命令。
回答by VictorEspina
In my case, the solution came this way:
就我而言,解决方案是这样的:
1) Added this lines to sudoers file:
1) 将此行添加到 sudoers 文件:
myuser ALL=(ALL) NOPASSWD: /usr/bin/prlctl
_www ALL=(ALL) NOPASSWD: /usr/bin/prlctl # IMPORTANT!!!
2) The EXEC() command in PHP was changed to:
2) PHP 中的 EXEC() 命令改为:
exec("sudo -u myuser prlctl list -a", $out, $r);
Thanks a lot for your help!
非常感谢你的帮助!
Victor Espina
维克多·埃斯皮纳
回答by Kumar
If a process can be run by any user it can be run by PHP. Example is fortunecommand
如果一个进程可以由任何用户运行,它就可以由 PHP 运行。示例是fortune命令
-rwxr-xr-x 1 root root 18816 Oct 1 2009 /usr/games/fortune
Look at the xpermission for every user. But this some times doesn't at all work and you may have to let the user, www-dataor apacheetc, run the program. You can sudo www-dataand try to run the command. If it works then Apache/PHP should be able to run it.
查看x每个用户的权限。但这有时根本不起作用,您可能必须让用户www-data或其他人apache运行该程序。您可以sudo www-data并尝试运行该命令。如果它有效,那么 Apache/PHP 应该能够运行它。
