1

I have a php web page being ran by the apache server, it is stored in /var/www/myweb/ and called index.php

Now I am trying to call a script in /home/me/ called test.sh from the php webpage . All it does is create a file1 on /home/me/

test.sh: 

#!/bin/bash


touch file1
~                                                                                                     
~                                                                                                     
~                                                                                                     
~

inside index.php, I am trying to call the script

index.php:

  if ($_GET['run'])
                   {
                                          exec('/home/me/test.sh');
                   }

unfortunately this is not working, and it seems the reason is permission problems. I went ahead and try to run this command from /var/www/myweb/ 

/home/me/test.sh

and I got this error:

touch: cannot touch ‘file1’: Permission denied

Is there a way to fix this problem ?

Improve this question
4
  • depending on your system apache2 server use the user "www-data" or "http" or other settings. The test.sh have to be executable and got the right permissions. Commented Mar 28, 2016 at 1:10
  • Do you ever use cd or chdir() in your scripts? What does ls -ld /var/www/myweb /home/me return? Your code probably does not execute where you think it does. Commented Mar 28, 2016 at 1:12
  • drwxr-xr-x 29 me me 4096 Mar 27 21:02 /home/me/ drwxr-xr-x 4 root www-data 4096 Mar 27 20:22 /var/www/html/ Commented Mar 28, 2016 at 1:20
  • @Amadan this is what it returns Commented Mar 28, 2016 at 1:20

1 Answer 1

Reset to default
1

If you do not change a directory, you are not trying to touch /home/me/file1, but /var/www/myweb/file1. However, /var/www/myweb permits root to rwx; www-data group to r-x and also everyone else to r-x. When Apache runs it, it is running it as www-data, in www-data group; it gets the group permissions r-x, which prohibit creating a new file. When you run it, it is running as me, presumably not in www-data group, which takes the last set of permissions: still r-x, still unable to write.

Ideally, you would want to provide the full path to the file being created, to avoid confusion about where in the file system you are, and that location would want to have the permissions drwxrwxr-x (or drwxrwsr-x) for me and group www-data.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.