0

I'm making a PHP page with the purpose of creating and activating Apache VirtualHost files.

The pages generates the files and places it in /etc/apache2/sites-available/. After that a shell script is called by with:

shell_exec("/bin/sh /usr/local/bin/myscript.sh");

myscript.sh:

#!/bin/sh
file=$(ls -1t /etc/apache2/sites-available/ | head -1)
a2ensite "$file" 2>&1 >/dev/null
service apache2 reload 2>&1 >/dev/null
sleep 5

The script seems to be executed (the sleep time corresponds to the amount of time it takes to run and if I don't use 2>&1 >/dev/null I get the output from a2ensite). But the site is never enabled.

It works fine if I run the script from terminal, so I'm guessing it's some sort of permission issue. I've been playing around with sudoers and file permissions for two days now, but always with the same results.

Been adding stuff like

www-data ALL=NOPASSWD: /usr/local/bin/myscript.sh

and chmod 777 for testing purposes, but nothing.

Is there any definite way to do this? I'm running Ubuntu 16.04 and PHP7.

Improve this question

3 Answers 3

Reset to default
1

I think its because www-data don't have the right to execute the service and a2ensite commands.

Try this :

#!/bin/sh
file=$(ls -1t /etc/apache2/sites-available/ | head -1)
sudo a2ensite "$file" 2>&1 >/dev/null
sudo service apache2 reload 2>&1 >/dev/null
sleep 5

And then, edit the sudo file with sudo visudo and add

www-data  ALL=NOPASSWD : /usr/sbin/service, /usr/sbin/a2ensite
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Didn't make any difference :/. I also tried this with the full paths in the script: /usr/sbin/a2ensite and /usr/sbin/service
I will take a look later, I don't have a linux to test this for now.
I really appreciate it. I'm sure it's some small setting or permission somewhere I'm missing.
I try on my machine and this is working. Perhaps the script is not in a directory that www-data can read. Try to execute the script with the command line sudo -u www-data path/to/myscript.sh to get the output. Also don't redirect the output of a2ensite and service to dev/null, but to a log file to see what is going wrong.
I tried moving the script to the webroot. Still no difference when I run the site from the php site. When I run the script with sudo -u www-data /var/www/html/myscript.sh the site gets enabled and I get this output: Enabling site test.com. To activate the new configuration, you need to run: service apache2 reload. [sudo] password for www-data: Maybe I should try installing a new server. May have screwed something up.
|
0

I think you need a dot in between:

shell_exec('/bin/sh' . '/usr/local/bin/myscript.sh');

Also, I am using single quotes... as above.

or you can try:

shell_exec('/usr/local/bin/myscript.sh');

Improve this answer

2 Comments

None worked unfortunately. First one didn't run the script at all.
Did you check your apache logs? There might be some hint there... or even check /var/log/messages
0

This is solved. The problem was not sudoers or file permissions. The commands were not executed correctly because Apache module mpm-itk was activated. Worked perfectly after I deactivated it.

I didn't need mpm-itk, but if anyone with similar problems needs it activated you could try this: https://askubuntu.com/questions/491624/setresuid-operation-not-permitted-when-calling-via-php

(Thanks Myran)

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.