4

I'm following this guide for deploying my website via Git, and I'm running into some problems with PHP shell_exec() or exec(). The deploy script runs several commands such as git, whoami, which git, rsync, etc. All of these commands work when I'm logged in as the server user.

However, when I hit the php script that is supposed to run these commands, they don't work. whoami: command not found

git: command not found

rsync: command not found

which: command not found

I can fix this by providing the path to the commands (eg. /usr/bin/whoami => myuser) but some commands like /usr/bin/which rsync still don't work. (That one gives me /usr/bin/which: no rsync in (/bin))

These aren't vital to getting the project working, but I'd still like to know if there's some sort of permissions issue or something I'm doing wrong. Does anyone have any insight here?

mcheah
  • 1,209
  • 11
  • 28
  • seems like the PATH variable of the environment where the commands are executed is limited to the `/bin` directory – categulario Jan 18 '18 at 23:13
  • is that an apache/PHP issue? Or how would I fix that? – mcheah Jan 19 '18 at 00:07
  • are these paths defined at a system level or user level...your executing user that you are testing it...is it a different user than what is executing on apache? – Ctznkane525 Jan 19 '18 at 00:54

1 Answers1

5

By the looks of it your PATH variable only includes /bin. This only allows you to run executables within that directory. There are a few ways to fix this.

Method 1: Configure the web server environment varibles

If you are running apache, you can simply edit /etc/apache2/envvars to include a PATH varibale definition. Edit the file and add a new line to the bottom (if it doesn't already exist):

# /etc/apache2/envvars
...

export PATH="/bin:/usr/local/bin"

Method 2: Configure the PATH for the user

Alternatively, if you are running the web server as a user other than a service user, that user may not have their PATH properly configured. This is as simple as changing their environment variables for the user and the web server will inherit it (unless defined otherwise in the web server's configuration).

First step is figure out which user your web server is running as. If you don't know, you can check list the running processes to find the user. This can be accomplished by running the following command:

ps aux|grep {webserver}|grep -v grep Where {webserver} is replaced with the web server you are currently running. (apache/httpd, nginx)

Alternatively, you can check in of the following config files:

  • /etc/httpd/conf/httpd.conf - CentOS Apache
  • /etc/apache2/apache2.conf - Ubuntu/Debian Apache
  • /etc/nginx/nginx.conf - nginx config

(There are many other possible configurations, but these are the most common)

Once you've found out which user you're running as, you will need to then set the PATH variable for that user. This could be as simple as exporting the PATH in their home bash configuration. This could be /home/bob/.bashrc for example. Service users without a home will be different however.

Method 3: Declare the PATH within your PHP script

You can manually specify the PATH variable within your PHP script. This can be accomplished by adding the following line to your script:

<?php

putenv('PATH=/bin:/usr/local/bin');
...

You will need to change the PATH to suit your needs, and it will need to be declared before you call shell_exec().

This method isn't preferred as you will need to specify this for each PHP script you execute that makes use of the shell_exec() call to binaries outside of /bin, but it is a quick one off solution that will work.

More importantly, you are writing code that is not portable and is dependent on a specific system. This is bad coding practice and is not recommended/frowned upon.

SteppingHat
  • 1,199
  • 4
  • 19
  • 50
  • Thanks for this! I changed the $PATH variable but I think it has something to do with the server being run as the 'nobody' user. Unfortunately, the only solution that worked was your third one, but if I can figure out how to safely run as 'myuser' for example, instead of 'nobody', I'm sure that issue will take care of itself. – mcheah Jan 19 '18 at 21:50
  • Try exploring method 2 in that case, and in one of the config files you will have the option to change the user apache runs at. Anything is better than method 3. – SteppingHat Jan 21 '18 at 22:37
  • Thank you! I know this is an older post but I too had to go with option 3 and am concerned about using it. Would you know how/could you point me in the right direction to implement option 2 with nginx? – Brian KD Mar 22 '22 at 01:51