vuthecuong wrote:
Hi all
My server is centos 5.1 with php 5.1.6.
In my app I want apache to add user through sudo.
My sudoers file is:
%apache ALL=(ALL) NOPASSWD: ALL
%tony ALL=(ALL) NOPASSWD: ALL
My test.php í:
<?php
$username="hixhix";
system("/usr/bin/sudo /usr/sbin/useradd -s /sbin/nologin -M
$username",$returnvalue);
echo "return value: $returnvalue";
However, user 'hixhix' not created by apache at all, it always returned 1.
how can I make my apache tu add user using sudo?
Please help me. I need your help.
Thanks and regards.
That's not a very secure sudoers file.
But you probably don't want to use sudo to this anyway.
What you probably should do is write a shell script (IE w/ perl) that is
suid root and executable by apache that adds the user to your system.
I don't know what your sudo error is, but have you looked at your sudo
log file?
Make damn sure you validate the $username variable whatever solution you
end up using.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
