Hey guys,
I need to give the 'nobody' user (which is what our apache runs as) no password access to a file, via sudo. This is what I've tried:
nobody ALL=(ALL) NOPASSWD: /var/www/qa/launchpadnew/site/ftp_check.php
But if I become the nobody user and try to access the file, it tries to prompt me for a password:
-bash-3.2$ php /var/www/qa/launchpadnew/site/ftp_check.php [sudo] password for nobody:
Can someone please point out for me where I'm going wrong? Cuz I don't see it!!
Thanks ! :)
Tim
try "sudo php /var/www/qa/launchpadnew/site/ftp_check.php" and "sudo /var/www/qa/launchpadnew/site/ftp_check.php"
You're giving the user the ability to run /var/www/qa/launchpadnew/site/ftp_check.php but not necessarily php. Your script might not need it, so try it each way. And, since you're using sudo, you need to call "sudo" before the command.
On Tue, Feb 3, 2015 at 5:32 PM, Tim Dunphy bluethundr@gmail.com wrote:
Hey guys,
I need to give the 'nobody' user (which is what our apache runs as) no password access to a file, via sudo. This is what I've tried:
nobody ALL=(ALL) NOPASSWD: /var/www/qa/launchpadnew/site/ftp_check.php
But if I become the nobody user and try to access the file, it tries to prompt me for a password:
-bash-3.2$ php /var/www/qa/launchpadnew/site/ftp_check.php [sudo] password for nobody:
Can someone please point out for me where I'm going wrong? Cuz I don't see it!!
Thanks ! :)
Tim
-- GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tue, February 3, 2015 4:32 pm, Tim Dunphy wrote:
Hey guys,
I need to give the 'nobody' user (which is what our apache runs as) no password access to a file, via sudo. This is what I've tried:
nobody ALL=(ALL) NOPASSWD: /var/www/qa/launchpadnew/site/ftp_check.php
But if I become the nobody user and try to access the file, it tries to prompt me for a password:
-bash-3.2$ php /var/www/qa/launchpadnew/site/ftp_check.php [sudo] password for nobody:
Can someone please point out for me where I'm going wrong? Cuz I don't see it!!
This whole thing sounds scary... Is there really no other (less scary) way to achieve what you want to achieve?
Valeri
++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
On 2/3/2015 2:32 PM, Tim Dunphy wrote:
-bash-3.2$ php /var/www/qa/launchpadnew/site/ftp_check.php [sudo] password for nobody:
where did sudo even come into this picture?
does this ftp_check.php script fork a shell with sudo or something?
sounds like a VERY bad way of doing whatever it is you're trying to do.
Hi,
On Wed, Feb 4, 2015 at 4:57 AM, John R Pierce pierce@hogranch.com wrote:
On 2/3/2015 2:32 PM, Tim Dunphy wrote:
-bash-3.2$ php /var/www/qa/launchpadnew/site/ftp_check.php [sudo] password for nobody:
In sudoers file, you have to provide the whole path of the "php" command to execute any php file.
where did sudo even come into this picture?
does this ftp_check.php script fork a shell with sudo or something?
sounds like a VERY bad way of doing whatever it is you're trying to do.
I agree with John here. You should use better method to do this.
--Regards Ashishkumar S. Yadav
Tim Dunphy writes:
Hey guys,
I need to give the 'nobody' user (which is what our apache runs as) no password access to a file, via sudo. This is what I've tried:
In addition to all other comments so far, 'nobody' is a bad choice for httpd. If this is your distro's default, it's a bad one. It is better to create a dedicated user that is guaranteed to be used only as configured by you.
-
Ashish Yadav -
Jeremy Hoel -
John R Pierce -
Lars Hecking -
Tim Dunphy -
Valeri Galtsev