0

I'm trying to execute bash script commands in PHP.

In the php file (commands.php) some commands doesn't work:

// works
echo shell_exec('whoami');
echo "<br>";

// works
echo shell_exec('ls -al');
echo "<br>";

// doesn't work
echo shell_exec('mkdir testfolder');
echo "<br>";

// doesn't work
shell_exec('sudo -S spleeter separate -p spleeter:2stems -o output audio_example.mp3');
echo "<br>";

This is the output:

www-data
total 272
drwxr-sr-x 2 root www-data   4096 Jul 12 23:06 .
drwxr-xr-x 4 root root       4096 Jul 12 21:20 ..
-rw-r--r-- 1 root www-data 262867 Jul 12 21:36 audio_example.mp3
-rw-r--r-- 1 root www-data   1417 Jul 12 23:11 commands.php

The www-data user have permissions to this folder:

drwxr-sr-x 2 root www-data  4096 Jul 12 23:06 files

I have no problems to execute the commands as root user at the terminal. I guess there are some permission issues. What is the best way to execute bash commands with PHP?

(Ubuntu 18; Apache2; PHP7)

HaKa
  • 33
  • 3
  • Does `www-data` have permission to use `sudo` without a password? – Barmar Jul 12 '21 at 21:32
  • 1
    Giving `www-data` sudo access is really, really bad idea. If I were you I would rather focus on how can I execute `spleeter` without super user. As for `mkdir` command. PHP has build in `mkdir()` method. – Martin Dendis Jul 12 '21 at 21:37
  • @MartinDendis you are right. Is it the right way to change the permission of the `spleeter` command? I did the `mkdir` example to show what works. – HaKa Jul 13 '21 at 07:45
  • @Barmar Do you mean to use `NOPASSWD` like here is mentioned: https://superuser.com/questions/1448987/allow-php-to-run-shell-script-with-sudo-permission – HaKa Jul 13 '21 at 07:54
  • Yes, but you should restrict it to just the commands used by your script. – Barmar Jul 13 '21 at 12:25
  • I didn't have luck with `NOPASSWD`. I left the sudoers file untouched. I created a overwrite called "spleeter" in the folder sudoers.d: `%www-data All=NOPASSWD: /bin/bash /var/www/html/spleetercommand.sh` Parsing is ok: `root@myServer:/var/www/html/files# sudo visudo -c /etc/sudoers: parsed OK /etc/sudoers.d/spleeter: parsed OK` Here is the content of spleetercommand.sh: `spleeter separate -p spleeter:2stems -o output audio_example.mp3` In the terminal I executed like this without success: `sudo -u www-data ./spleetercommand.sh` @Barmar Can you give me a hint, please? – HaKa Jul 14 '21 at 13:14
  • Sorry, I don't really know much about configuring sudoers. [unix.se] is the place to ask for help with that. – Barmar Jul 14 '21 at 14:29

0 Answers0