HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=15)
-   -   chown not working with exec() (http://www.howtoforge.com/forums/showthread.php?t=43305)

bigger_travis 5th February 2010 19:54

chown not working with exec()
 
hello, i have ispconfig 2 running on Centos -

what i'm trying to do:
i am running a php file which installs a script in the web/ directory to install my custom script, the php file renames the web directory

from: /var/www/web2/web
to: /var/www/web2/web_Orginal

then the the php file creates a web directory:

/var/www/web2/web

so when i go to the shell i send the ls command and i can confirm both directories are there, so the script is able to rename the orginal web/ directory and create a new web/ directory (I am using tar to unpack the web/ directory which contains all my script files)

web/
web_Orginal/

however, the new web/ directory is own by apache:

Code:

command: ls -la

OUTPUT:
drwxrwxrwx  8 apache  apache 4096 Feb  4 05:16 web
drwxrwxrwx  8 web2_AnyUser  web2 4096 Feb  4 05:16 web_Orginal

now i try to use exec() function in the php file to change the ower from apache to web2_AnyUser and the group from apache to web2 using this code in the php file:

PHP Code:

# PHP CODE:
# TO CHANGE OWERSHIP:
exec('chown -R web2_AnyUser /var/www/web2/web',$ouput,$result);
exec('chgrp -R web2 /var/www/web2/web',$ouput,$result);




i dont get any errors, and the value of $result = 1

so when i go to the shell, i do an ls -la and it does not change the owership of the web/ directory, it still shows apache

what i want to acheive is to change the owershipt to look like this:

Code:

command: ls -la

OUTPUT:
drwxrwxrwx  8 web2_AnyUser  web2 4096 Feb  4 05:16 web
drwxrwxrwx  8 web2_AnyUser  web2 4096 Feb  4 05:16 web_Orginal

do you have any suggestions. i think you are my best resource for this. i was looking at your code in /root/ispconfig/scripts/lib/config.lib.php and it shows this code on line 690:

PHP Code:

  if($user["user_admin"]){
    
//exec("usermod -G web".$web_doc_id." ".$user_username."");
    // alten admin herausfinden
    
$old_admin_uid fileowner($web_path);
    
$mod->system->usermod($user_username"web".$web_doc_id);
    
exec("chown $user_username $web_path &> /dev/null");
    
//exec("chown $user_username $web_path/cgi-bin &> /dev/null");
    
exec("chown -R --from=$old_admin_uid $user_username $web_path/cgi-bin &> /dev/null");
    
exec("chown $user_username $web_path/log &> /dev/null");
    
exec("chown $user_username $web_path/ssl &> /dev/null");
    
exec("chown $user_username $web_path/user &> /dev/null");
    
//exec("chown $user_username $web_path/web &> /dev/null");
    
exec("chown -R --from=$old_admin_uid $user_username $web_path/web &> /dev/null");






i guess im trying to do the same, but im not sure how you did it.

if you have any suggestion, please advise,

Thanks for all your support

falko 6th February 2010 19:31

Can you become the apache user with the su command and run the commands
Code:

chown -R web2_AnyUser /var/www/web2/web
chgrp -R web2 /var/www/web2/web

? Do you get any errors?

bigger_travis 6th February 2010 21:27

i sent this command:
Code:

[root@testvirtual ~]# su apache
This account is currently not available.

i do get an error: "This account is currently not available."

falko 7th February 2010 13:47

What's the output of
Code:

grep apache /etc/passwd
?

jnsc 7th February 2010 16:31

try
Code:

su -s /bin/bash apache

bigger_travis 7th February 2010 18:12

To jnsc:
Quote:

try
Code:

su -s /bin/bash apache

ok, i send this command now:

Code:

[root@testvirtual ~]# su -s /bin/bash apache
bash-3.2$ whoami
apache
bash-3.2$

im not getting any error anymore. i do see my my prompt changed from # to $ - so that means i can change user to apache.

################################################## #######################

To falko:
Quote:

Can you become the apache user with the su command and run the commands
Code:

chown -R web2_AnyUser /var/www/web2/web
chgrp -R web2 /var/www/web2/web

? Do you get any errors?
so i send the chown command:

Code:

bash-3.2$ chown web2_AnyUser /var/www/web2/web/
chown: changing ownership of `/var/www/web2/web/': Operation not permitted

RESULTS: Yes, i do get error = "Operation not permitted"

################################################## #######################

To falko:
Quote:

What's the output of
Code:

grep apache /etc/passwd

?
COMMAND RESULTS:
Code:

[root@testvirtual ~]# grep apache /etc/passwd
apache:x:48:48:Apache:/var/www:/sbin/nologin

Please Advise, Thanks

falko 8th February 2010 14:09

What's the output of
Code:

ls -la /var/www/web2/web/
?

bigger_travis 8th February 2010 17:55

Quote:

Originally Posted by falko (Post 218844)
What's the output of
Code:

ls -la /var/www/web2/web/
?

Code:

[root@testvirtual www]# ls -la /var/www/web2/web/
total 76
drwxrwxrwx 9 apache  apache  4096 Feb  4 04:00 .
drwxrwxrwx 9 web2_AnyUser web2  4096 Feb  4 04:00 ..
-rw-rw-rw- 1 apache  apache  237 Apr 17  2009 .htaccess
drwxrwxrwx 2 apache  apache  4096 May 10  2009 images
drwxrwxrwx 2 apache  apache  4096 May 10  2009 includes
-rw-rw-rw- 1 apache  apache  565 Apr 17  2009 index.php
-rw-rw-rw- 1 apache  apache  1176 May 10  2009 INSTALL.txt
-rw-rw-rw- 1 apache  apache  2918 Apr 17  2009 oswallpaper-footer.php
-rw-rw-rw- 1 apache  apache  5202 Apr 17  2009 oswallpaper-header.php
-rw-rw-rw- 1 apache  apache 15687 May 10  2009 OSWallpaper.sql
drwxrwxrwx 2 apache  apache  4096 May 10  2009 pages
drwxrwxrwx 2 apache  apache  4096 May 10  2009 recaptcha
drwxrwxrwx 3 apache  apache  4096 May 10  2009 theme
drwxrwxrwx 8 apache  apache  4096 May 10  2009 wallpapers


falko 9th February 2010 14:21

Hm, looks ok. I don't know why it doesn't work. :(

jnsc 9th February 2010 18:54

It's only possible to execute the chown command from the root user. Here is a very interesting reference post http://www.ale.org/pipermail/ale/200...er/099333.html, but as it's quite long, I will post the part that is interesting for us.

Quote:

The default with most OS's is for chown to be restricted to root only.
And there is a consensus that it should stay this way for security
considerations. If a non-root user does change the owner of a file and
any execute bit is on, the SUID and SGID bits must be cleared. This may
or may not happen with root.


All times are GMT +2. The time now is 15:56.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.