Reputation: 8106
PHP shell_exec() and sudo: must be setuid root
I have a shell_exec() command that accesses a directory above my document root so I need to use sudo "as root" to make it happen. (I understand the security issues and am putitng in measures to address it).
The issue is when I run the shell_exec() I get a "sudo: must be setuid root" error in my apache error_log file.
I thought the solution was to chmod 4750 the bash script that is called by my sheel_exec() but that does not do the job.
What exactly is "sudo: must be setuid root" trying to tell me and how might I resolve it?
Upvotes: 1
Views: 12685
Answers (4)
Reputation: 382
To fix this problem you need to chown and chmod sudo file as root as below.
chown root:root /usr/bin/sudo
chmod 4111 /usr/bin/sudo
chmod 0440 /etc/sudoers
Upvotes: 0
Reputation: 8406
Alternatively, skip sudo altogether. If your script is owned by root and has its own setuid bit set, then you don't need to use sudo to get root privileges. In fact, it can be more secure that way; you guarantee that your web user can only use that script, without having to edit sudoers. To do so, remove sudo from your shell_exec() line:
<?php
shell_exec('/path/to/your/command');
?>
Upvotes: 1
Reputation: 8406
Is the sudo executable itself setuid root? You may need to
chown root: /usr/bin/sudo
chmod u+s /usr/bin/sudo
Upvotes: 2
Reputation: 30985
Did you check the permissions for your script?
Who is owning the script?
Does the web user has the rights to sudo?
Upvotes: 0
Related Questions
- php shell_exec with sudo commands not working
- Run PHP shell_exec() like root user
- PHP sudo in shell_exec
- php shell_exec permission denied
- php exec with sudo fails on CentOS
- exec and shell_exec not working in php
- Problems with php shell_exec permissions
- PHP shell_exec() - having problems running command
- shell_exec() - Error when executing php script
- Executing commands with sudo using php