User Nobody Can’t Access File
Hey guys,
I need to give the ‘nobody’ user (which is what our apache runs as) no password access to a file, via sudo. This is what I’ve tried:
nobody ALL=(ALL) NOPASSWD: /var/www/qa/launchpadnew/site/ftp_check.php
But if I become the nobody user and try to access the file, it tries to prompt me for a password:
-bash-3.2$ php /var/www/qa/launchpadnew/site/ftp_check.php
[sudo] password for nobody:
Can someone please point out for me where I’m going wrong? Cuz I don’t see it!!
Thanks ! :)
Tim
5 thoughts on - User Nobody Can’t Access File
try “sudo php /var/www/qa/launchpadnew/site/ftp_check.php” and “sudo
/var/www/qa/launchpadnew/site/ftp_check.php”
You’re giving the user the ability to run
/var/www/qa/launchpadnew/site/ftp_check.php but not necessarily php. Your script might not need it, so try it each way. And, since you’re using sudo, you need to call “sudo” before the command.
This whole thing sounds scary… Is there really no other (less scary) way to achieve what you want to achieve?
Valeri
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
where did sudo even come into this picture?
does this ftp_check.php script fork a shell with sudo or something?
sounds like a VERY bad way of doing whatever it is you’re trying to do.
Hi,
In sudoers file, you have to provide the whole path of the “php” command to execute any php file.
I agree with John here. You should use better method to do this.
–Regards Ashishkumar S. Yadav
Tim Dunphy writes:
In addition to all other comments so far, ‘nobody’ is a bad choice for httpd. If this is your distro’s default, it’s a bad one. It is better to create a dedicated user that is guaranteed to be used only as configured by you.