
How to shutdown Ubuntu with exec PHP

I really need to shut down Ubuntu with PHP exec. But I probably have some problem with permission.

echo exec('whoami');

returns 'nobody'.

So I put in console

adduser nobody admin

and tried

exec("shutdown -h now");

But it doesn't work ;(


Giving the user PHP runs as root rights is highly dangerous. This is not a good idea at all, because you open up your whole server if a vulnerability in a PHP script gets exploited. On a production server, this is absolutely not acceptable.

The only way to do this securely that I know of is having a cron job run a shell script as root every minute or so. The shell script tests for the presence of a file like shutdown_now.txt. If the file exists, the script starts the shutdown procedure. The PHP script creates the shutdown file if so instructed.

I'm not well versed enough in shell scripting to provide an example, but I'm sure somebody can if necessary.


Actually Pekka gave you good advice. In your PHP file, create a file that will force rebooting, something simple like

  // Create the flag file that the root cron job looks for
  $file = fopen('.reboot-server',"w");
  fwrite($file, 'reboot');
  fclose($file);

Make a bash script that will check for that file

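#!/bin/bash
# Reboot only if the flag file written by the PHP script exists.
if [ -f /var/www/html/.reboot-server ]; then
  # Remove the flag first so the server does not reboot again on the next run.
  rm -f /var/www/html/.reboot-server
  if [ -f /var/www/html/.reboot-server ]; then
    echo "Can't remove file .reboot-server"
  else
    /sbin/shutdown -r now
  fi
fi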

And add it under cronjob

*/1 * * * * root /home/scripts/reboot.sh
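
A stricter root-side check for the flag-file approach described in the answers above, as an added example that is not part of any answer on this page. It goes beyond the script above by rejecting symlinks, flags not owned by the web user, and stale flags; the flag path, the www-data user, the two-minute window, the consume_flag name and the --run argument are all assumptions.

```bash
#!/bin/bash
# Added example (not from the page): root-side check for the flag-file approach.
# Assumed values: flag path, web user and freshness window. From /etc/crontab:
#   * * * * * root /usr/local/sbin/web-shutdown-check.sh --run
FLAG="${FLAG:-/var/spool/webctl/shutdown.flag}"  # directory writable only by the web user
WEB_USER="${WEB_USER:-www-data}"
MAX_AGE_MIN="${MAX_AGE_MIN:-2}"

# consume_flag FILE OWNER MAX_AGE_MIN
# Succeeds only if FILE is a regular file (not a symlink), owned by OWNER
# (name or numeric uid), modified less than MAX_AGE_MIN minutes ago, and
# could be removed. The flag is deleted in every case, so a stale or
# rejected request cannot fire on a later run or after the next boot.
consume_flag() {
  # Nothing to do when no flag exists (-L also catches dangling symlinks).
  [ -e "$1" ] || [ -L "$1" ] || return 1
  # find does not follow symlinks by default, so -type f rejects them.
  match=$(find "$1" -maxdepth 0 -type f -user "$2" -mmin "-$3" 2>/dev/null)
  # Clear the flag before acting; refuse to act if it cannot be cleared.
  rm -f -- "$1"
  if [ -e "$1" ] || [ -L "$1" ]; then
    echo "cannot remove $1" >&2
    return 1
  fi
  [ -n "$match" ]
}

# Act only when invoked with --run, so sourcing or testing never halts the host.
if [ "${1:-}" = "--run" ]; then
  if consume_flag "$FLAG" "$WEB_USER" "$MAX_AGE_MIN"; then
    logger -t web-shutdown "accepted shutdown request from $WEB_USER"
    /sbin/shutdown -h now
  fi
fi
```

The script never reads the flag's contents, so nothing the web application writes into it reaches a root shell.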


This answer is illustrative only. Do not actually do this.

  • Make a copy of /sbin/shutdown (as root) to a place where the PHP user can access it.
  • Set the SUID bit of the copy, so that it can run as root. chmod 4755 /copy/of/shutdown

When PHP executes the copy of shutdown, shutdown will run with root privileges. This eliminates the cron job and the possibility that a stale 'shutdown_now.txt' would cause the system to halt again shortly after being powered up.

Again, the wholesale use of the setuid bit is dangerous. Any time you use it, think carefully about what the program might be able to do if abused. In this case, a hole in your app could cause an attacker to remotely halt the system. But, the attacker could do that no matter what method you use to talk to shutdown. It's up to you if that is an acceptable risk.

Additionally, if you are going to do this, do not run PHP as an anonymous system user, you really want suexec. Just make sure there's no way to pass anything arbitrary to the command you send. Don't let someone get a && do_evil_deed on the end of, or beginning of it.

A much safer way to do this would be through the use of any one of the available SSH classes for PHP, connecting as a user jailed in a chroot, with sudo rights only to the shutdown program. Or, basically, any time PHP needs to do something to the OS, imagine the smallest surface you can think of in order to do it, then try to make it even smaller.


What about giving the user, that runs apache, the permission to run shutdown with sudo rights?

Open the sudoers file with

sudo visudo

Add the line

www-data ALL=NOPASSWD:/sbin/shutdown

(www-data should be the user that runs apache. You can check this with ps aux | egrep '(apache|httpd)' and assuming the shutdown binary is in /sbin)

Save with ctrl-O

Now this should work in php:

system("sudo shutdown 0");


Try running exec like this

exec( 'shutdown -h now', $output, $return_val );

print_r( $output );
echo "\n";
echo 'Error: '. $return_val ."\n";

And look at the errors. I just tried running a PHP script with the root user and it worked on my machine.

If this does not work, consider having a cronjob running under root privileges that checks periodically if it should run shutdown on the machine.


After many tries I decided to go with an easy one: exec("ssh root@localhost reboot"). Just make sure you have your user id ('user's'/.ssh/rsa_id.pub) on /root/.ssh
