I have proprietary programs under /opt/apex/bin, configuration files under /opt/apex/etc.

I have a web server running under /var/www.

The web server runs php scripts that need to read the config files under /opt/apex/etc and
the php scripts need to exec some of the binaries in /opt/apex/bin.

I know there are ways to access configuration files and programs from Apache outside the document root, but how best to set that up? I'm thinking of creating a group that Apache will have as a secondary group and setting that group on the binaries. For giggles, let's call that supplementary group experiment1. So how can Apache run binaries that are set up as group
experiment1?  I'm thinking the binaries will be like so:
...
rwxr-x--- pi experiment1 6269 Jan 24 17:25 /opt/apex/bin/udp_client
...

An Apache script running under user www-data group www-data will
have the following in it:
...
shell_exec("/opt/apex/bin/udp_client $localIP $controllerPort \"/MoveI $x,$y\"");
...

The goal here is to get the permissions and supplementary group correct so Apache can run the program. The program is outside Apache's document root. The goal here is to
do this in a safe and straightforward manner.

I need to know how to set up experiment1 as a supplementary group of www-data or Apache.

I need to know how to allow Apache to access executables in a specific location outside the document root. Preferable to use relative paths. Can php scripts use something similar
to the bash PATH environment variable?
_______________________________________________
PLUG mailing list
[email protected]
http://lists.pdxlinux.org/mailman/listinfo/plug

Reply via email to