Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re^2: sudo from Apache

by afoken (Prior)
on Sep 03, 2011 at 07:34 UTC ( #923967=note: print w/ replies, xml ) Need Help??


in reply to Re: sudo from Apache
in thread sudo from Apache

You don't need a password for www-data. sudo can be configured to allow one or more users to run one or more commands without any password. See the sudo documentation, especially man 5 sudoers.

A line from my /etc/sudoers file, allowing every user to run the two scripts /service/fetchmail/wake and /service/fetchmail/status:

%users ALL = NOPASSWD: /service/fetchmail/wake,/service/fetchmail/sta +tus

Replace %users with www-data and only the user www-data is able to run the scripts.

Replace the script names with some other script names and obviously, the other scripts can be executed without entering a password.

Combine both and www-data can run a mount script and a umount script that call the mount and umount commands with fixed parameters.

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)


Comment on Re^2: sudo from Apache
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://923967]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (7)
As of 2015-07-06 10:18 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (71 votes), past polls