My command is
echo root_password | sudo -u root -S executable_full_path arguments
The error message I get in the browser is
[sudo] password for www-data: Sorry,
try again.
From phpinfo(), safe mode is off and there are no disabled functions. Why isn’t this working? The same command runs fine in the shell (bash). Escapeshellarg and escapeshellcmd don’t make a difference.
EDIT: Simply being able to execute the command is not enough. The program that gets executed creates a socket in /tmp, and needs to assign it permissions. So I think I really need to be root for this, is that possible?
As Álvaro suggested, I’m putting my comment as answer. Matt, this would make it possible to run that command as root.
@Matt, don’t do that
/etc/sudoers(btw, you edit this file with thevisudocommand, never directly). That way you are making possible that anysudo whatevercommand run by your web application is run by root, possibiliting a lot of fun for an attacker if he founds a vulnerability in your application.If you would like to run just ONE command as root without need for passwords, put this in
/etc/sudoers(remembervisudocommand):Then you are only allowing to execute just this command as root. Now you should be able to do
without need to type in a password (and it will run as root). Also, this is the only command the user www-data may execute as root using sudo, so it should not be dangerous.