Systemctl command with PHP

Need to run the following command through shell_exec:
sudo systemctl reload filezilla-server

I have the following code in the sudoers file:
www-data ALL = NOPASSWD: /bin/systemctl systemctl reload filezilla-server

And it works when I run the exact same command in the terminal, but not through php. E.g. I tried the following which works:

sudoers: testuser ALL = NOPASSWD: /bin/systemctl systemctl reload filezilla-server
terminal: sudo systemctl reload filezilla-server

How can I make this work?

Do you get an error?

Are you sure your webserver is run by www-data?

No errors, empty output.

FPM config:
user = www-data
group = www-data
listen.owner = www-data = www-data

So it should be www-data… :slight_smile:

I tried the following which works:
sudoers: www-data ALL = NOPASSWD: /etc/init.d/apache2 stop
php: sudo /etc/init.d/apache2 stop

So it seems to work with “real path” commands instead of systemctl. The problem is that I dont know how to translate “systemctl reload filezilla-server” to its “real-path”

Systemctl has no real path. You can call it from anywhere.

I would guess that your PHP user has no sudo rights and therefor is not allowed to run systemctl

shell-exec whoami returns www-data and the sudoers file is correctly setup

Can you try the following from PHP:

sudo /bin/systemctl reload filezilla-server

Tried it now, does not work

How about

/usr/bin/sudo /bin/systemctl reload filezilla-server

Systemctl is only useable by sudo. If you want to start/stop services with a no sudo user like PHP you should use services command directly

Also insert standard big red flags the size of battleships about giving unrestricted and unpassworded sudo access to a process that involves end-user interaction on a server that lets you upload files…

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.