User Nobody Can’t Access File

Home » CentOS » User Nobody Can’t Access File
CentOS 5 Comments

Hey guys,

I need to give the ‘nobody’ user (which is what our apache runs as) no password access to a file, via sudo. This is what I’ve tried:

nobody ALL=(ALL) NOPASSWD: /var/www/qa/launchpadnew/site/ftp_check.php

But if I become the nobody user and try to access the file, it tries to prompt me for a password:

-bash-3.2$ php /var/www/qa/launchpadnew/site/ftp_check.php
[sudo] password for nobody:

Can someone please point out for me where I’m going wrong? Cuz I don’t see it!!

Thanks ! :)


5 thoughts on - User Nobody Can’t Access File

  • try “sudo php /var/www/qa/launchpadnew/site/ftp_check.php” and “sudo

    You’re giving the user the ability to run
    /var/www/qa/launchpadnew/site/ftp_check.php but not necessarily php. Your script might not need it, so try it each way. And, since you’re using sudo, you need to call “sudo” before the command.

  • This whole thing sounds scary… Is there really no other (less scary) way to achieve what you want to achieve?


    Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247

  • where did sudo even come into this picture?

    does this ftp_check.php script fork a shell with sudo or something?

    sounds like a VERY bad way of doing whatever it is you’re trying to do.

  • Hi,

    In sudoers file, you have to provide the whole path of the “php” command to execute any php file.

    I agree with John here. You should use better method to do this.

    –Regards Ashishkumar S. Yadav

  • Tim Dunphy writes:

    In addition to all other comments so far, ‘nobody’ is a bad choice for httpd. If this is your distro’s default, it’s a bad one. It is better to create a dedicated user that is guaranteed to be used only as configured by you.