Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re^2: sudo from Apache

by afoken (Parson)
on Sep 03, 2011 at 07:34 UTC ( #923967=note: print w/ replies, xml ) Need Help??


in reply to Re: sudo from Apache
in thread sudo from Apache

You don't need a password for www-data. sudo can be configured to allow one or more users to run one or more commands without any password. See the sudo documentation, especially man 5 sudoers.

A line from my /etc/sudoers file, allowing every user to run the two scripts /service/fetchmail/wake and /service/fetchmail/status:

%users ALL = NOPASSWD: /service/fetchmail/wake,/service/fetchmail/sta +tus

Replace %users with www-data and only the user www-data is able to run the scripts.

Replace the script names with some other script names and obviously, the other scripts can be executed without entering a password.

Combine both and www-data can run a mount script and a umount script that call the mount and umount commands with fixed parameters.

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)


Comment on Re^2: sudo from Apache
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://923967]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (9)
As of 2014-12-19 12:23 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (81 votes), past polls