Apache as root on ubuntu

Question

Ok I need to run my Apache web server as root. For this I typed whoami; in terminal. It gives me output: root. But when I check my apache server running as a root user or not by executing following php-script: < ?php echo whoami; ?> It gives me output: nobody. So any suggestions to execute/login as a root user in apache??

Because I am working on xen virtualization.I am using LIBVIRT-PHP to talk with hypervisor to start create destroy etc etc. For this I used this php-script: When I execute this it shows me: Warning: libvirt_domain_destroy() [function.libvirt-domain-destroy]: operation virDomainDestroy forbidden for read only access in /opt/lampp/htdocs/xampp/shutdown.php on line 5 — Ali R. Memon, Mar 26 '12 at 14:14
I don't think you need to run Apache/PHP as root in order to connect to libvirt. You just need to provide proper credentials when connecting. — Brian, Mar 26 '12 at 14:26

score 4 · Answer 1 · answered Mar 26 '12 at 14:25

4

I would suggest creating an external PHP file on your server that would handle everything related with this extension. And then, you could call this script with shell_exec in combination with sudo.

This way, you could put your webserver user in your sudoers file and let it run php-cli as root.

Then, in your script you could simply use:

$output = shell_exec("sudo /bin/php /yourscript.php");

This would be a much more secure solution than running Apache as root, which in my opinion, is a verry bad idea, even if you know what you are doing.

answered Mar 26 '12 at 14:25

Pierre-Olivier

3,104
19
37

Would it be faster for 1M users ? – Rami Dabain May 20 '13 at 04:36
1

Performance was not a concern in the initial question. Like I said, this is a very bad practice and I wouldn't rely very much on it. YMMV. – Pierre-Olivier May 21 '13 at 12:37

score 2 · Answer 2 · answered Mar 26 '12 at 14:17

2

If you know what you are doing, look at the file /etc/apache2/envvars :

You can customize these variables

export APACHE_RUN_USER=root
export APACHE_RUN_GROUP=root

answered Mar 26 '12 at 14:17

Maaaaat

236
3
8

Not working; Error:Apache has not been designed to serve pages while\n\trunning as root. There are known race conditions that\n\twill allow any local user to read any file on the system.If you still desire to serve pages as root then add -DBIG_SECURITY_HOLE to the CFLAGS env variable and then rebuild the server. It is strongly suggested that you instead modify the User directive in your httpd.conf file to list a non-root user. – abrfra Aug 18 '20 at 13:42
1

Yes, this might have changed since 2012. – Maaaaat Aug 18 '20 at 17:15

score 0 · Answer 3 · answered May 20 '16 at 09:40

I echo the concerns running the apache process as root. Its just a bad idea. Thats why I recently published a project that allows PHP to obtain and interact with a real Bash shell. Get it here: https://github.com/merlinthemagic/MTS

After downloading you would simply use the following code:

$shell    = \MTS\Factories::getDevices()->getLocalHost()->getShell('bash', true);
$return1  = $shell->exeCmd('php /var/scripts/test.php');
//the return will be a string containing the return of the script
echo $return1;

Apache as root on ubuntu

3 Answers3

Linked