Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Old 12th November 2009, 21:12
cento_claus cento_claus is offline
Junior Member
Join Date: Nov 2009
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default CentOS 5.3 apache sudo "can't set runas group vector"


I'm running out of ideas (and of forum threads to try), so here is my problem:
I want to create a web page using perl to configure a router.
The router is going to be used to limit bandwidth to some IPs and also to block some IPs.
I'm using Centos 5.3 which comes with httpd and suexec pre-installed.
The command I want to use are "route add -host ..." and "tc filter ...", these commands can only be run as root.

So far here's what I've been trying:
1. Make suexec executable:
chmod a+x /usr/sbin/suexec
chmod a+s /usr/sbin/suexec

2. Set "user" and "group" to the desired user ("test") in httpd.conf

3. Add my user ("test") to the sudoers:
echo "test ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

3. Make my perl scripts executable in /var/www/bin-cgi/

4. Start apache
/sbin/service httpd start

Here is my script:

#!/usr/bin/perl -T
use CGI;
use strict;
$ENV{PATH} = "/usr/bin/:/usr/local/bin";

my $query = new CGI;
foreach my $field (sort ($query->param)) {
foreach my $value ($query->param($field)) {
print "$field: $value<br/>";

my $command = "id";
my $res = qx/$command/;
print "Result Whoami=$res<br/>";

my $ip = $query->param('addressIP');
if ( $ip =~ /^(.*)$/ ) { # to update: to check $ip
$ip = $1;
print "IP = $ip<br/>";
my $command = "/sbin/route add -host $ip reject";
#my $command = "sudo /sbin/route add -host $ip reject";
print "Command: $command<br/>";
my $res = qx/$command/;
print "Result=$res<br/>";"/sbin/route add -host $ip reject"
} else {
print "Sorry, that’s not a valid ip\n";

When running the script, the user is indeed "test", but for some reason, either command "/sbin/route add -host $ip reject" or "sudo /sbin/route add -host $ip reject" won't be executed.

Does anybody know what I'm missing?

Reply With Quote
Sponsored Links
Old 13th November 2009, 15:40
falko falko is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts

Have you tried the full path to sudo in your script?
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
freebsd 7, samba 3, domain controller alexdimarco Suggest HOWTO 6 5th November 2010 17:54
have the problem with mydns on CentOS 5.3 x86_64 thaibinhtt Installation/Configuration 1 26th May 2009 09:59
FTP cannot open remote folder!?! andysm849 Server Operation 23 17th October 2008 00:34
Can't start apache Musty Server Operation 12 9th March 2008 14:58
ubuntu ispconfig joomla .htaccess steve1084 General 8 6th January 2007 16:55

All times are GMT +2. The time now is 18:54.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.