Running an external program in PHP that only the root user can run is always an old problem, and it's hard to do it in a regular way. This is because PHP is generally a module of Apache, that is, PHP is part of Apache, and Apache, in addition to the suexec mechanism, is not able to execute commands with different user IDs, but the suexec mechanism can only be CGI valid. There was an article on the internet that said "Su-C command" can be implemented, but after many experiments, it is not possible, because the SU command must enter the root password on the stdin. What to do? It is difficult to work with conventional methods, only to think of other methods. The key to success is to have a tool that can switch user IDs but can enter a password (or no password) on the command. Is there such a tool? Yes, it's super. Here's how to do it specifically? It is important to note that the installation and configuration of super is done as root. The first step, switch to root under the second step, install Super first to Ftp://ftp.mdtsoft.com/pub/super download super-3.14.0-1.i386.rpm. This is a RPM file, and the other includes two tools: Setuid and Super, along with their documentation and man manuals. Install it into the system with the following command:% RPM-UVH super-3.14.0-1.i386.rpm You can also use this command to view the files in this rpm:% RPM-QPL super-3.14.0-1.i386.rpm from the results can be seen, Two tools will be installed in the/bin directory. In the third step, configuring the Super Super Configuration file is/etc/super.tab. This is a text file, the format is also more complex. However, we can simply add a few lines here. For detailed instructions, it can be viewed through the man super.tab. Assuming that the user running Apache is nobody, and we want to add the system user via super (call the Useradd command), we simply add the following line to the Super.tab file: Auser/sbin/useradd nobody,hunte The first paragraph is the alias of the command that super can recognize, the second paragraph is the full path of the system command that corresponds to the alias, and the third is a list of users that can run the command, separated by commas. In addition to nobody, there is a general user called Hunte, which is used for the following tests. Of course, you should use any of the ordinary users in your system. At this point, the super configuration is even better. The fourth step is to test the non-Nobody user login, run:%/bin/super auser testuser If there is nothing wrong with the previous configuration, the user testuser should be successfully created. Can be used:% CAT/ETC/PASSWD | grep testuser command to verify. Fifth step, call the command in PHP the following is the PHP code: ...; System (Escapeshellcmd ("/bin/super auser $username")); ?> uses super to make it no longer difficult to run external commands as root in PHP. Try it. Test environment: RedHat Linux 7.0 (Kernel 2.4.3) + Apache 1.3.9 + PHP 4.0.4PL1
http://www.bkjia.com/PHPjc/531790.html www.bkjia.com true http://www.bkjia.com/PHPjc/531790.html techarticle running an external program in PHP that only the root user can run is always an old problem, and it's hard to do it in a regular way. This is because PHP is generally used as a module of Apache ...
