Failed to restart Firebird by PHP

Question

Failed to restart Firebird by PHP

Asked 7 years, 10 months ago

Viewed 59 times

1

I have a virtual server with Linux-Debian operating system, which is configured as Nginx web server and Firebird database. I have a script that performs a Firebird restart routine and executes it when a crash occurs. My script, which is located in: '/scripts/restart_firebird.sh' I can run it normally for SSH. The need arose to put the script to run through a request through a PHP script. The command used is:

$output = shell_exec("/scripts/restart_firebird.sh");
echo $output;

When executing, I get the message:

Stopping Firebird 2.5 superclassic server....

I checked the Firebird log files located in '/var/log' but this error is not being recorded.

Contents of the sh script:

firebird2.5-superclassic Restart service

There must be some problem with Nginx user permissions when trying to run the script. To be sure, try to log in with your Nginx user on the server and run the script.

– Celso Marigo Jr

2016/12/30 at 19:25
@Celsomarigojr, the user of Nginx is 'www-data'. I tried to run the script by SSH with this user and the error message it shows is: service: not found. How could I give this user permission?

– Carlos Andrade

2016/12/30 at 19:34

1 answer

Browser other questions tagged php firebird-2.5

You are not signed in. Login or sign up in order to post.

by Celso Marigo Jr • **2,774** points · Answer 1 · 2016-12-30T19:52:58+00:00

1

The simplest way to run a script the way you need is by using visudo. But see this is just one way, I suggest you better understand the working of permissions on Linux, and the use of visudo incorrectly can cause security problems on your server.

$visudo

It would be like below, will allow execution without asking password:

www-data ALL = NOPASSWD: /scripts/restart_firebird.sh

In Debian, what would be a similar command that has the same effect? Because visudo or sudo are unknown commands.

– Carlos Andrade

2016/12/30 at 19:59
Making a few more attempts, I discovered that the case is more serious. Actually the www-data user can run the sh script. What he is without permission is to manipulate services itself. I would have to add www-data to the root group?

– Carlos Andrade

2016/12/30 at 20:28
As I said before understand well how the linux running permissions work. It is not safe for you to put www-data in the root group.

– Celso Marigo Jr

2017/01/02 at 12:46
Understood. I see that the solution would be to execute the command informing the root user. Searching, I found the following command: su -c "comando" -s /bin/sh root. Only the root password is requested. It is possible to add the password on the command line?

– Carlos Andrade

2017/01/03 at 02:25
1

really you were right, the whole problem was related to user permissions "www-data". I had to make some changes... First I installed and configured the "sudo" and modify the command to: sudo -H -u www-data bash -c '/etc/init.d/firebird2.5-superclassic restart'. Because with "firebird2.5-superclassic service Restart" I wasn’t recognizing.

– Carlos Andrade

2017/01/03 at 23:55