Board index   FAQ   Search  
Register  Login
Board index PHP PHP General

php shell_exec can't see system files

General discussions related to php

Moderators: macek, egami, gesf

php shell_exec can't see system files

Postby davewithheld » Mon Aug 06, 2012 9:15 pm

I've used system($cmd) for years with very reliable results until Fedora 17 and PHP 5.4.4. The programs execute, ok, but they can't see any files in directories owned by root, regardless of permissions. PHP itself can read root-owned files, but not shell_exec() programs. I run apache as a specific user and when I log in as that user, the commands work fine from the command line, but when they execute from the shell_exec() call, they can't find files the programs are trying to read from.

For example,

$tmplist = `/bin/ls /tmp`;

returns
total 0

However

$tmplist = `/bin/ls /`;

returns a full listing of the root directory.

There are many files in /tmp when I execute "/bin/ls /tmp" from the command line, but they don't show up when ls is executed from PHP. I have tried system(), shell_exec(), backticks, and exec(). All have the same result. Commands execute. "/bin/env" lists the environment variables the shell_exec() runs with, "/bin/whoami" outputs the web server's user name. It's just when the executed program tries to read a file in a directory owned by root, it can't find them. I first saw this when a program errored with "No such file or directory" when trying to read from a file that I KNEW was there (same command found it from the login shell).

I'm assuming this is a security "feature" of the new PHP or F17, but I can't find anything about it in the Google machine. Sounds like an Selinux thing, but Selinux is disabled. Anyone know what's causing this?
davewithheld
New php-forum User
New php-forum User
 
Posts: 3
Joined: Mon Aug 06, 2012 8:58 pm

Re: php shell_exec can't see system files

Postby davewithheld » Wed Aug 08, 2012 9:05 pm

I just tried CGI script (perl) and same problem, so it's apache/system config, not PHP! Still looking...
davewithheld
New php-forum User
New php-forum User
 
Posts: 3
Joined: Mon Aug 06, 2012 8:58 pm

Re: php shell_exec can't see system files

Postby davewithheld » Sat Aug 11, 2012 8:57 am

Found it! Turns out that F16 intruduced the concept of a private /tmp and /var/tmp directory (which were the two directories I looked at) for services that keeps their temp files from being visible to other processes. Makes sense for security, but makes it difficult for services to share files with users and breaks my scripts. It can be disabled, though, which is fine for my home media/web/file server.

Explained under 2.3.3. Services Private
http://docs.fedoraproject.org/en-US/Fedora/17/html/Release_Notes/sect-Release_Notes-Changes_for_Sysadmin.html

and http://fedoraproject.org/wiki/Features/ServicesPrivateTmp
davewithheld
New php-forum User
New php-forum User
 
Posts: 3
Joined: Mon Aug 06, 2012 8:58 pm


Return to PHP General

Who is online

Users browsing this forum: Bing [Bot], Google [Bot] and 2 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.

cron