Hey guys,

A client of mine wants me to develop and host a website that will have multiple domains, and he wants to be able to add domains at a later date... so basically I need to build a PHP Application which can add a VirtualHost directive to a special apache configuration file, add an entry to /etc/named.conf, create a file at /var/named/newhost.hosts and fill it with the DNS info, and then reload apache and Bind. For many of these things, I can create "special" configuration files which the webserver has permissions to modify, and then include these special files in my normal config files. (i.e. in httpd.conf, Include ~client/extrahosts.conf and chown apache ~client/extrahosts.conf)... if I do that, the Webserver will have permission to *configure* the new domains but not restart the servers... here are my questions:

1. Is this a really, really, really bad idea? Because it sounds to me like giving the webserver access to anything besides webpages could be the making of a security flaw. (And if it is, I'll figure out a more secure way to do this, for sure!)

2. How can I implement this? Is there a way in PHP to setuid, so I can call `/etc/init.d/httpd reload` and `/etc/init.d/named reload`? Do I have to run two apache servers, one running as root? Can I add apache to the sudoers file, granting it access to those two commands?

3. Will calling `/etc/init.d/httpd reload` from within httpd cause nasty things™ to happen?

4. Any other suggestions on how to do this? Is there a way to set up a generic apache host that will "decide" (via PHP or whatever) which documents to serve without modifying config files?

Thanks guys!

Joshua Gitlin
Lead Web Designer
Glow Films, Inc.
http://www.glowfilms.com/
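
The design described above has a PHP application writing VirtualHost stanzas into a file that httpd.conf includes, so the hostname it accepts is the one value that must never carry anything but a hostname. The following is an added example, not part of the original post: a strict validator and stanza renderer, where the function names and the `/home/client/sites` document-root layout are assumptions.

```php
<?php
// Added example (not from the original post). Function names and the
// document-root layout are assumptions made for illustration.

function is_valid_hostname(string $host): bool
{
    // Total length at most 253; each label 1-63 chars of a-z, 0-9 or hyphen,
    // never starting or ending with a hyphen; at least two labels.
    if ($host === '' || strlen($host) > 253) {
        return false;
    }
    // \A and \z anchor to the real start and end of the string, so an
    // embedded or trailing newline can never slip through.
    $re = '/\A(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+'
        . '[a-z](?:[a-z0-9-]{0,61}[a-z0-9])?\z/';
    return preg_match($re, $host) === 1;
}

function render_vhost(string $host, string $baseDir): string
{
    $host = strtolower($host);
    if (!is_valid_hostname($host)) {
        throw new InvalidArgumentException('rejected hostname');
    }
    // After validation the name holds only [a-z0-9.-] with no empty labels,
    // so it cannot add a directive or climb out of $baseDir.
    $docRoot = rtrim($baseDir, '/') . '/' . $host;
    return "<VirtualHost *:80>\n"
         . "    ServerName {$host}\n"
         . "    DocumentRoot \"{$docRoot}\"\n"
         . "</VirtualHost>\n";
}

function append_vhost(string $confFile, string $host, string $baseDir): void
{
    // LOCK_EX keeps two concurrent requests from interleaving stanzas.
    $stanza = render_vhost($host, $baseDir);
    if (file_put_contents($confFile, $stanza, FILE_APPEND | LOCK_EX) === false) {
        throw new RuntimeException('could not write ' . $confFile);
    }
}

// Constructed sample inputs: two acceptable names and three that must fail.
$samples = ['shop.example.com', 'Example.ORG', 'bad_host.example',
            "example.com\nServerAlias *", '../etc'];
foreach ($samples as $s) {
    try {
        echo render_vhost($s, '/home/client/sites');
    } catch (InvalidArgumentException $e) {
        echo '# rejected: ' . json_encode($s) . "\n";
    }
}
```

Running `apachectl configtest` before any reload catches a stanza that would keep the server from starting.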
