user1938398

Create Linux user using PHP?

I'm currently working on creating a member system for my FTP server for close friends that I want to have access to the server; however, the FTP server that I'm using (ProFTPD) utilizes the Linux users as each member's account. So I need to use an HTML form with PHP, of course, that will have access to the server and be able to create a user on the system.

Right now I have the form completely set up, with it validating the email/username/password and saving it to my SQL database. The only thing I'm missing is creating the new user to finish it out.

I know it's not always the safest thing; however, I do want to do it and I do know the dangers, so any help would be nice...

As of right now, what I've always used to create a user on Linux (or my version of Ubuntu at least) is:

useradd [username] -p [password] -d [/path_to_home_directory] -s [/bin/false]

without the brackets of course.

I also know the PHP commands: shell_exec, exec, system(). However, I have tried each one of these with the line to create the user in it and nothing will work.

I did a little more research and noticed that the webserver is running as www-data (which it should be) and it does not have access to the useradd command. So I 'visudo' it and still had no change.

From what I've seen, I can give www-data access to a script on the server that will then create the user as root; however, I do not know how to transfer the variables stored in PHP to the script.

If you need more details to help just ask. This is the last thing I need to finalize my last 2 month project which includes a desktop application and all that. It's so close but I can't seem to get it.

Upvotes: 5

Views: 10819

Answers (5)

user1270589

I think that the most secure way to do this is to set your webserver user as a sudoer for only the commands that begin with useradd or adduser, whatever your distrib is. So you don't have to make your web user root.

Upvotes: 0

Peter Risdon

Reputation: 11

Just a note. With control panel types of things you do have to perform actions as root sometimes. I've found the best ways to do this are to run the PHP control panel without any escalated privileges. It's hard enough to make a properly secure PHP web app as it is without exposing the host system.

If the control panel needs to make a change that requires root access, or any access level above the web server user, it's better to store the information about the change that needs to be made somewhere the web server user has normal access to - in a database or by creating a text file somewhere the web user can write files. The usual sanitisation can take place for user-submitted data before the information is stored.

Then run a cron script every minute, or hour, or whatever's right for the occasion, as root, grab the data from wherever it's stored, and perform the required action. You can also perform sanity checks in this script.

Upvotes: 1
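
The queue-and-cron design from the answer above, as an added example that is not code from any poster: a root-side worker that re-validates each queued request before it touches useradd. The spool path, the `.req` file layout (username on line 1, crypt(3) hash on line 2), and the function names are all assumptions.

```shell
#!/bin/sh
# Root-side queue worker (added example). Assumed, hypothetical layout: the
# web app writes one file per signup into $SPOOL, line 1 = username,
# line 2 = crypt(3) password hash. Cron runs "this-script run" as root.
LC_ALL=C; export LC_ALL                  # make a-z mean ASCII only
SPOOL=${SPOOL:-/var/spool/ftp-signup}    # hypothetical path
DRY_RUN=${DRY_RUN:-1}                    # 1 = print the command, do not run it

valid_username() {
    case "$1" in
        ''|*[!a-z0-9_-]*) return 1 ;;    # empty, or a char outside the allow-list
        [!a-z_]*) return 1 ;;            # must not start with a digit or "-"
    esac
    [ "${#1}" -le 32 ]
}

valid_hash() {
    case "$1" in
        '$'*) ;;                         # crypt hashes start with "$id$"
        *) return 1 ;;
    esac
    case "$1" in
        *[!A-Za-z0-9./$]*) return 1 ;;   # only the crypt alphabet plus "$"
    esac
    [ "${#1}" -le 256 ]
}

process_request() {                      # $1 = request file
    user=; hash=
    { IFS= read -r user; IFS= read -r hash; } < "$1" || true
    valid_username "$user" && valid_hash "$hash" || return 1
    if [ "$DRY_RUN" = 1 ]; then
        printf 'would run: useradd -m -s /bin/false %s; chpasswd -e\n' "$user"
    else
        useradd -m -s /bin/false "$user" &&
            printf '%s:%s\n' "$user" "$hash" | chpasswd -e   # hash via stdin, not argv
    fi
}

process_queue() {
    for f in "$SPOOL"/*.req; do
        [ -f "$f" ] && [ ! -L "$f" ] || continue   # skip symlinks and non-files
        if process_request "$f"; then rm -f -- "$f"
        else mv -- "$f" "$f.rejected"
        fi
    done
}

if [ "${1:-}" = run ]; then process_queue; fi
```

The web application only ever writes files; nothing it submits is interpolated into a shell command line, and anything that fails the allow-list is set aside as `.rejected` for review.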

Anton Korshikov

Reputation: 34

The script would look like this:

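<?php

// Hard-coded sample values; real input must be validated before it gets here.
$user_name = "uuttyy";
$user_pass = "passwer9911";

$ret_useradd = 0;
$ret_passwd = 0;

// Create the account with a home directory; escapeshellarg() quotes the name for the shell.
passthru('useradd -m '.escapeshellarg($user_name), $ret_useradd);

if ($ret_useradd) {
        printf("Something wrong with useradd, code: %d\n", $ret_useradd);
        exit();
}

// Set the password by piping "user:password" into chpasswd.
passthru('echo '.escapeshellarg($user_name.':'.$user_pass).' | chpasswd', $ret_passwd);

if ($ret_passwd) {
        printf("Something wrong with chpasswd, code: %d\n", $ret_passwd);
        // Roll back the half-created account.
        echo exec('userdel '.escapeshellarg($user_name));
        exit();
}

printf("All done!\n");

?>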

But the right answer is not to do it that way; it has security problems! Tune (or change) your FTP server to use user databases, and add users to that DB. As Satish says, proftpd+mariadb (mariadb is a better fork of mysql) is good for that.

Upvotes: -1

Satish

Reputation: 17407

You should not create a Unix user account for the FTP service. You should integrate your proFTP server with MySQL for authentication (store accounts in MySQL), so in that case you don't need to create a Unix account, and it would be a far better and safer solution:

proFTP with MySQL

Upvotes: 2

Yousf

Reputation: 3997

You can set the setuid bit on useradd, so it runs with root access (for example). But note that THIS IS VERY RISKY. This will allow any user on the server to create users.

Anyway, I think it is a security hole to allow a web PHP script to create accounts!

Upvotes: 1
