How can i verify if a user is root in a PHP script ? What is the command ? I tried something like that :

exec("su -l login < `echo password`");

but the su command can not receive password...

Note that the machine is isolated from internet so I can run PHP as root if needed.

EDIT: I don't want to know if the current user who run the sc开发者_如何学运维ript is root or not. I have a list of users in my PHP script and I want to know for each login if he has root privileges.

How about posix_getuid()?

if (0 == posix_getuid()) {
    echo "Running as root.";
} else {
    echo "not root";
}

First, ask yourself what exactly defines a login "having root privileges". AFAICT there are 2 basic solutions.

The old-school way, where sysadmins create multiple accounts with uid 0, which I - and I'm certainly not alone in this - consider to be a nightmare. In this scenario you could check all users in your list using posix_getpwnam and see if their uid matches 0.

The following code snippet does just that, $privileged will contain the users with root privileges :

$logins = array('root', 'john', 'guest', 'foo');
$privileged = array();
foreach($logins as $login) {
    $userInfo = posix_getpwnam($login);
    if ($userInfo !== FALSE) {
        if ($userInfo['uid'] == 0) {
          $privileged[] = $login;
        }
    }
}

The other (and imho only sane) way to do this is to add all users with root/administrative privileges to a specific group (wheel or admin are already used in different Linux distributions, find out which one works for you). This scenario is even simpler, since you can use posix_getgrnam to fetch all members in a specific group.

The following code snippet will match an array of logins you provide, and see who's a member with specific privileges, again $privileged will contain the result (ie. the users in your list that are a member of the group you specified) :

$logins = array('root', 'john', 'guest', 'foo');
$privileged = array();
$groupInfo = posix_getgrnam('admins');
if ($groupInfo !== FALSE) {
    $privileged = array_intersect($logins, $groupInfo['members']);
}

Try This .

<?php
    if (posix_getuid() == 0){
        echo "This is root !";
        // add more for root
    } else {
        echo "This is non-root";
    }
?>

If you really mean "is root", then you can just check for whoami, and see if it comes up 'root'

exec("whoami");

If it's a smart thing to do is a different question ;)

Rewritten after your comment

"I don't want to know if the user who run the script is root or no. I have to check in a PHP script for some login/password if they are root or not"

I now understood that you need to perform a root authentication in PHP.

I suggest to use pwauth instead of whoami/login, etc.

Here is an example on how to use it from PHP, while I believe there can be a simpler way of testing.

If you want to see if a certain system user (as opposed to a web-service user) has root priviliedges, you can use the posix_getpwnam() function:

<?php
    $u = posix_getpwnam("username");

    if ($u == FALSE) {
        print "no-such-user";
    } elseif ($u["uid"] == 0) {
        print "root";
    } else {
        print "non-root";
    };
?>

Keep in mind that this only checks the username. If you also need to check the password you actually have to try to authenticate with the system.