operative Posted September 22, 2009 Share Posted September 22, 2009 Hello everyone, I'm trying to write a php file that executes a shell command (using shell_exec()) to kill a process when a button on a website is pressed. The reason why i'm doing this is, that this server (wow server emulator) crashes sometimes and i don't want to log on via ssh every time and kill it using the kill (or pkill). so far i'm getting the PID of the server using 'pidof' or directly using pkill -f in a shell script. What i totally forgot was the fact, that the wow server is running under it's own user (apache2 also has it's own user) so my question is: how can i kill the process of another user using shell script? This is my configuration: Ubuntu 9.04 Server wow server emulator apache2 + php Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted September 22, 2009 Share Posted September 22, 2009 The easiest way would be to create a program as root that you can setuid. This will let the program become root when it is called and as root you will avoid the problems of different users. Here is a program you should be able to compile with gcc and all you will need to do is change the system call to run your restart script (if you have a script in the /etc/init.d directory for your service then calling that with restart should be enough) Once you have compiled it you will need the chmod 4755 the executable to set the setuid bit. #include <stdlib.h> #include <stdio.h> #include <unistd.h> #include <sys/types.h> int main(void) { setresuid(0); system("whoami"); return EXIT_SUCCESS; } Other options would be to have the apache user set up for sudo without entering a password but even in that case you want to limit their sudo to only run the one script. Both these ways work out the be the same as the sudo command is a setuid executable that just has a lot more options. Quote Link to comment Share on other sites More sharing options...
operative Posted September 22, 2009 Author Share Posted September 22, 2009 compiles fine (after an apt-get install gcc) but if i run it with whoami, i get this: whoami: cannot find name for user ID 1670578456 if i run it if "pkill -f htop" to test it, it tells me pkill: 3018 - Operation not permitted :/ Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted September 22, 2009 Share Posted September 22, 2009 Did you chmod the executable with 4755 and make sure the owner of the executable is root (Sorry, forgot to mention that bit) Quote Link to comment Share on other sites More sharing options...
operative Posted September 22, 2009 Author Share Posted September 22, 2009 Did you chmod the executable with 4755 and make sure the owner of the executable is root (Sorry, forgot to mention that bit) yeah root@servant:~# ls -al total 52 drwx------ 2 root root 4096 2009-09-22 06:02 . drwxr-xr-x 21 root root 4096 2009-09-22 02:23 .. -rwxr-xr-x 1 root root 10995 2009-09-22 06:02 a.out -rw------- 1 root root 2582 2009-09-22 06:01 .bash_history -rw-r--r-- 1 root root 2227 2008-12-23 10:53 .bashrc -rw-r--r-- 1 root root 160 2009-09-22 05:01 code.c -rw-r--r-- 1 root root 561 2009-09-22 02:33 .htoprc -rw-r--r-- 1 root root 140 2007-11-19 09:57 .profile -rwsr-xr-x 1 root root 10995 2009-09-22 06:01 whoami_uid root@servant:~# a.out whoami: cannot find name for user ID 3352884648 root@servant:~# whoami_uid whoami: cannot find name for user ID 2284944168 Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted September 22, 2009 Share Posted September 22, 2009 What do you get from "ls -n" as it should be picking up the owner of the exectables UID. Quote Link to comment Share on other sites More sharing options...
operative Posted September 22, 2009 Author Share Posted September 22, 2009 What do you get from "ls -n" as it should be picking up the owner of the exectables UID. root@servant:~# ls -n total 28 -rwxr-xr-x 1 0 0 10995 2009-09-22 06:02 a.out -rw-r--r-- 1 0 0 160 2009-09-22 05:01 code.c -rwsr-xr-x 1 0 0 10995 2009-09-22 06:01 whoami_uid root@servant:~# Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted September 22, 2009 Share Posted September 22, 2009 That is very odd. what happens if you run whoami on the command line? Quote Link to comment Share on other sites More sharing options...
operative Posted September 22, 2009 Author Share Posted September 22, 2009 it displays what it should root@servant:~# whoami root root@servant:~# <edit> strange thing is: this is a fresh install in a vmware workstation. i downloaded the iso this morning, installed ubuntu in a VM, installed apache2, php and ssh. thats it. </edit> Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted September 22, 2009 Share Posted September 22, 2009 Sudden thought are you using selinux? Quote Link to comment Share on other sites More sharing options...
operative Posted September 23, 2009 Author Share Posted September 23, 2009 no. if it's optional, it's not installed (but i'm using a x64 VM). Installung i386 right now Quote Link to comment Share on other sites More sharing options...
operative Posted September 24, 2009 Author Share Posted September 24, 2009 okay nevermind. solved the problem using /etc/sudoers Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.