Sujet : Re: Simple way for web to execute root shell script.
De : tnp (at) *nospam* invalid.invalid (The Natural Philosopher)
Groupes : comp.os.linux.misc comp.sys.raspberry-piDate : 23. May 2025, 17:53:21
Autres entêtes
Organisation : A little, after lunch
Message-ID : <100q961$62mq$1@dont-email.me>
References : 1 2 3 4
User-Agent : Mozilla Thunderbird
On 23/05/2025 16:24, Marc Haber wrote:
The Natural Philosopher <tnp@invalid.invalid> wrote:
On 23/05/2025 15:08, Lew Pitcher wrote:
On Fri, 23 May 2025 13:26:34 +0100, The Natural Philosopher wrote:
>
I have a shell script that monitors hardware stuff - it needs to run as
root and be called by Apache as user www.
>
As you probably already know, the system won't run shell scripts as setuid,
even if the setuid bit is set. So, the direct route is out.
>
>
Bookworm linux on a Pi4.
>
Its all inside a domestic firewall so security is not a huge issue.
What is the quickest and simplest solution to this?
>
My gut reaction would be to have the webserver use sudo(1) (with suitable
limitations set in the /etc/sudoers file) to run the script via a system(3)
call.
>
cant one execute it direct from apache?
If it's a shell script then it won't run as root even if it is suid
root.
I'd go the sudo way, but I'm not neutral about that¹.
I did in fact go that way...
After stumbling through the usual mess of 'it worked perfectly well before so let's change the way we do it' crap with apache2 versus 2.4..
Greetings
Marc
¹ I maintain sudo in Debian
-- “Puritanism: The haunting fear that someone, somewhere, may be happy.”H.L. Mencken, A Mencken Chrestomathy
Simple way for web to execute root shell script.
Re: Simple way for web to execute root shell script.