There are times when you do a lot of system work through PHP, and it's not as quick as using bash directly. PHP-FPM default is the Apache user, directly into the root account, is not able to start. In this case, the Apache user cannot execute commands that root can execute. So let's start with the PHP-FPM user, the right to execute the shell, and the right to execute the command inside the shell.
One, get root permissions
1, specify no password access to specific processes
# Visudo//Add the following, the file has the following examples, according to write
Apache All= (All) Nopasswd:/etc/init.d/srs
The time of the call
$result = Shell_exec ("/usr/bin/sudo/etc/init.d/srs start");
2, the user does not need to password, switch root account
# Visudo
Apache All= (All) Nopasswd:all
You can switch to the root user directly with Sudo su, the permission is much higher than the above method, the more permissions, the lower the security.
3, for a shell script, open permissions
If the first method, can not meet the requirements, the second method is too large, unsafe, then a third way to try
# visudo
Apache all= (All) nopasswd:uploadvideo
Cmnd_alias uploadvideo =/var/www/srs/upload.sh& nbsp The
invokes the method root to invoke the method as usual.
There is also a point is Visudo, #Default Requiretty, because the PHP call shell, use the terminal
Two, PHP call shell How to debug
Bad debugging, no log can be checked, can only see output, Nginx, PHP log does not call the shell related information, I have some experience, tried to
1, check PHP to start user rights, the file itself can be executed, PHP startup users also want to be able to execute the file permissions. Previously encountered a situation is that PHP execution of a shell how can not execute, then the dough, no chmod +x operation. The
2,php can capture the output of the shell, but you know that not all command execution has output, that is, success, failure, or no way to make difference, confusing. At this point, we can output the shell script with Echo. So we can know where to go, where we can know what went wrong.
3, directly through the SU Switch to PHP to start the user, and then execute on the Linux command line, someone asked, nologin users can not Su, then directly useradd A, change the startup user PHP. If you use PHP to start the user test successfully, through the PHP script to execute, basically also can pass.
4, here to note that the path problem, relative path and absolute path, as far as possible with absolute path.