问题
Summary
I have apache running on a Linux machine where a certain program is installed. I want to call the program from a php page and get the output.
Special constraint
The program needs certain environment variables to run, e.g. LD_LIBRARY_PATH with path to libraries plus extra variables. The environment is defined for a user X on the machine that is not the apache user.
Proposed options
So far I have thought of the following options (not meaning that they are all smart or safe):
- Allow user apache to run the program as user X (in a way that allows having the full environment). Recipe ?
- Modify the environment of user apache. I don't see how because apache is a nologin user.
- SSH to another machine as a user that has the proper environment. It means to have a no password (public/private keys) connection between the web server and this machine. Is it dangerous ?
Questions
- Did I overlook a simpler or better option ?
- What option would you use and why ?
回答1:
if you know the (values of) environment variables you need to set, you could simply prepend them to your exec
exec('LD_LIBRARY_PATH="/you/paths"; OTHER_VAR="baz"; /your/bin');
that will execute /your/bin with the given ENV variables set, but as the apache user, not user X. If the program needs to run as a specific user, SSH doesn't seem like such a bad idea.
回答2:
Do you have full control over this platform?
You can look into suexec, or mpm-iTK
You could configure the above within a virtual host, and set the run as user or group to that which has access to your binary.
In your current setup, you could create a new group, assign the apache user/group to said group, apply group to the binary you want to execute with read/write or read/execute permissions, and let the good times role.
来源:https://stackoverflow.com/questions/11296609/how-to-execute-a-program-from-a-php-web-page