Send Shell commands without interactive shell

Ask about general coding issues or problems here.

Moderators: macek, egami, gesf

leandrorius
New php-forum User
New php-forum User
Posts: 2
Joined: Wed Dec 05, 2012 6:39 am

Send Shell commands without interactive shell

Postby leandrorius » Wed Dec 05, 2012 6:59 am

Hi there!

I'm planning to create a PHP web tool that helps to administrate remote Unix servers, doing functions like reset users password, get system information, and so on.
To do so, my web tool have to make a SSH connection to the remote server and send some shell commands, so I need to have a user for my application with the appropriate privileges on the remote servers. That's ok so far.
The problem is: In my company, there's a lot of Security Policies for servers, and one of them is: the applications users must not have valid shell on Unix systems , i.e. the shell must be "/dev/null".
And as far as I know, I can't logon in a remote server using the ssh2_connect function if the user doesn't have a valid shell.
I'm trying to figure out a better way to work around this, but I have no clue so far.

Does anyone have some ideas?

Thanks!

User avatar
egami
php-forum GURU
php-forum GURU
Posts: 2196
Joined: Wed Oct 06, 2010 11:19 am
Location: Happy Valley, UT

Re: Send Shell commands without interactive shell

Postby egami » Fri Dec 14, 2012 8:51 am

Not possible. If there isn't a shell, there isn't a shell. And giving the WWW user administrative privis on any of your boxes is a 100% idiotic move, especially an Internet facing facility.

Even sudo would be a dumb move.


But, I'm not one to judge, so if you want it to even have any kind of possibility, you're going to have to look into sudo and user nobody, or user apache. But if your site is "hosted" on a providers box, then you have absolutely no chance in hell in getting this to work.


Good luck.


Return to “PHP coding => General”

Who is online

Users browsing this forum: Google [Bot] and 5 guests