NYCPHP Meetup

NYPHP.org

[nycphp-talk] system commands and backups

Hans Zaunere zaunere at yahoo.com
Thu Mar 6 20:28:04 EST 2003


Hi Mark,

--- Mark Armendariz <nyphp at enobrev.com> wrote:
> I am going through the concepts of a php based file backup system for
> server administrators.  I have an idea of what i want to do.  Allow
> admins to create a list of customer directories, set up frequency of
> backups (which will create cron jobs) and let the cron take care of the
> scheduling.

OK.. through a web interface I'm assuming.

> So here's my question.  Is there a way to allow a php script to run
> shell commands as an admin or specific user?

Well, yes... but the question could mean a couple of things.

If you need the apache process that PHP runs in, if you're using mod_php then
you'll need suEXEC (I think) to run as a different user than the default. 
This is not recommended, especially to have it run as root.

If you're using the CGI version of PHP (not CLI mind you) then it'll run as
the process who runs it.  In Linux anyway, you can not setuid a script (it
has to be a binary).  Although there are ways around this, I wouldn't pursue
it.

> In order to tarball these directories, the script will need access to
> them, which is going to require something better than "nobody" as a user.
> I figured maybe if it's run via command line php (not using lynx method)
> that it would be run as the current user (no idea if that's correct).  But
> what if the client doesn't have php installed to be used via command
> line?  Is is still possible to run commands as a different user?

I have a system similar to this and I would take a different approach.  For
one, I have two distinct installs of PHP on my systems - /usr/local/php/ and
/usr/local/psh/ - with each having their own php.ini.  They are compiled as a
Apache DSO and --disable-cgi (which defaults to CLI in 4.3.1), respectivly. 
I also highly recommend 4.3.1 for CLI use.

Now on one tier, you would have a web interface that would let users setup
jobs that they want for backup - let's say you store this in MySQL.

Then, you'd have a PHP script (using /usr/local/psh/bin/php, which I link as
/bin/psh for convience) that would be run by root's cron every hour.  This
script would pull the jobs from MySQL, do sanity checks, do the backup, set
proper permissions, etc.

This way you eliminate security issues, and since the script is being run as
root, you'll have full access to all the user's files and can make proper
backups.  A fairly clean system I feel, that keeps the web away from your
underlying system, eases maintenance, and it fairly straightforward.

H




More information about the talk mailing list