Michael A. Peters wrote:
>
> vuthecuong wrote:
>>
>> Hi all
>> My server is centos 5.1 with php 5.1.6.
>> In my app I want apache to add user through sudo.
>>
>> My sudoers file is:
>> %apache ALL=(ALL) NOPASSWD: ALL
>> %tony ALL=(ALL) NOPASSWD: ALL
>>
>> My test.php í:
>> <?php
>> $username="hixhix";
>> system("/usr/bin/sudo /usr/sbin/useradd -s /sbin/nologin -M
>> $username",$returnvalue);
>> echo "return value: $returnvalue";
>> However, user 'hixhix' not created by apache at all, it always returned
>> 1.
>> how can I make my apache tu add user using sudo?
>> Please help me. I need your help.
>> Thanks and regards.
>
> That's not a very secure sudoers file.
>
> But you probably don't want to use sudo to this anyway.
>
> What you probably should do is write a shell script (IE w/ perl) that is
> suid root and executable by apache that adds the user to your system.
>
> I don't know what your sudo error is, but have you looked at your sudo
> log file?
>
> Make damn sure you validate the $username variable whatever solution you
> end up using.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
Yeah I know my script don't care at all about security. I'm keeping it fot
the sake of simplicity.
After making it 'work', I will take a look seriously about security.
So, why it not create user for me?
thanks and regards
--
View this message in context:
http://www.nabble.com/apache-user-cannot-execute-useradd-via-sudo-%3A%28-tp23668764p23680766.html
Sent from the PHP - General mailing list archive at Nabble.com.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php