1

I have a shell script in the following dir which is outside of the webroot :

 /usr/share/myshellscript.sh

And I want to be able to run it when called from a php file located at :

 /var/www/html/myphpscript.php

How do I navigate the php script to the correct directory where it can run the shell script?

I've tried :

 exec('/usr/share/myshellscript.sh');

But nothing is happening?

I've tested the .sh script on the server itself and it's working fine, just can't get php to execute it.

System : Ubunutu 14.04 webserver / php 5.5.9-1

Grant
  • 1,297
  • 2
  • 16
  • 39
  • Do you need to add a command? ie. exec('sh /usr/share/myshellscript.sh'); – joe42 Feb 11 '15 at 02:52
  • No I just need to execute the script. The .sh is just a basic echo some text to a .txt file script to see if I can get it working. – Grant Feb 11 '15 at 03:00
  • 1
    can you run the exact command from the terminal, ie. can you run '/usr/share/myshellscript.sh' or do you need to run 'sh /usr/share/myshellscript.sh'? – joe42 Feb 11 '15 at 03:06
  • Yes I can run it from terminal with /usr/share/myshellscript.sh and it works – Grant Feb 11 '15 at 03:09
  • I've just tried everything possible from this thread too but nothing works? http://stackoverflow.com/questions/16740802/how-to-make-a-system-call-remotely/22953339#22953339 – Grant Feb 11 '15 at 03:37
  • 3 hours on this now and i've tried every single way I could find on SO of testing if exec has been disabled and apparently it hasn't. I even trawled through the hallowed grounds of php.net and tried everything I could find on there. This is crazy! Why on Earth isn't it working? Is this a linux / ubuntu specific bug maybe? – Grant Feb 11 '15 at 04:19
  • Anyone who did that would be eaten alive by the next person to see their code (or at least the next security-conscious person to hear about it). You want to make sure scripts exposed to the web are *contained*, not free to do anything that your web server can do. – l0b0 Feb 11 '15 at 08:08
  • First, check the permissions for the .sh script. Also check that the directory /usr/share/ is readable too. Then make sure that `exec()` is not disabled in php.ini. – pumbo Feb 11 '15 at 10:26

1 Answers1

2

Most likely, you have no permissions to execute the .sh script. To ensure that the script is readable and executable run:

$scriptPath = '/usr/share/myshellscript.sh';
var_dump(array(
    'file' => is_file($scriptPath),
    'readable' => is_readable($scriptPath),
    'executable' => is_executable($scriptPath)
));

Another possible reason is that exec() function is disabled in PHP. See "Check if "exec" is disabled"

Community
  • 1
  • 1
pumbo
  • 3,646
  • 2
  • 25
  • 27
  • Ok I've made "some" progress. It appears to be a permission error. If the .sh script is just echoing some text "my text", it works fine, but as soon as I try to do anything else (like echoing "mytext" to a new txt file), it throws up permission errors. I've made sure that the the dir the .sh script is located in, the .sh script itself and the php file in the webroot all belong to the same user and user group - www-data, but still no joy.. I know this is a very insecure way of doing this so if anybody can suggest a more secure way of doing this I'd appreciate it. – Grant Feb 11 '15 at 14:51