Linux run as www data

How to run crontab as user:www-data?

My LAMP is setup to work as user:www-data and all files and folders are created with that permissions. I have setup for crontab as user@ubuntu. So i do crontab -e and use this command:

*/5 * * * * php /var/www/public/voto_m/artisan top >/dev/null 2>&1 

Basically that command just creates cache file in specified place (no problems with that), but that cache file is created with user:user permissions not user:www-data permissions. How can i make that it will by default create file with user:www-data permissions?
I can’t go and chown each time file is recreated. Thanks.

Note that some crontab scripts which run as www-data (e.g. for awstats , or php5 sessionclean) are located in /etc/cron.* directories and thus not visible through crontab -e (even when specifying user www-data).

5 Answers 5

You can also run crontab with the -u argument to edit a crontab for a specific user:

You can write your entry into the system crontab /etc/crontab , which takes an additional argument specifying the user to run as (usually root, but can be www-data).

*/5 * * * * www-data php /var/www/public/voto_m/artisan top >/dev/null 2>&1 

Or you can edit the crontab of user www-data with su :

sudo su -c "crontab -e" www-data -s /bin/bash 

For ease of management, the line can also be put in its own file in /etc/cron.d with a descriptive name, e.g., /etc/cron.d/artisan .

To run a crontab as user www-data you can use the following command:

Then you write a line, for example to run a php file every 15 minutes:

*/15 * * * * php -f /path_to_cron/cron.php 

When saving it, you will be asked by the editor:

File Name to Write: /tmp/crontab.HMpG7V 

Save it there, no worries. crontab -e opens a file in /tmp instead of the actual crontab so that it can check your new crontab for errors and prevent you from overwriting your actual crontab with those errors. If there are no errors, then your actual crontab will be updated. If crontab -e just wrote straight to your actual crontab, then you would risk blowing away your entire crontab.

To verify that your cronjob runs, you can check the cron logs. typically in /var/log/cron.log or executing the following command:

Источник

What is www-data in Linux?

www-data is the user that web servers on Ubuntu (Apache, nginx, for example) use by default for normal operation. The web server process can access any file that www-data can access. It has no other importance. From the base-passwd documentation ( /usr/share/doc/base-passwd/users-and-groups.

What is Chown www-data?

Shortly, sudo gives user a privilege as a root system. And then, about chown , chown is used for setting the ownership of folder or file. The syntax for chown is user:group – so this command changes the ownder of all files to www-data, and the group to www-data.

What group does www-data belong to?

Apache group
Folder setup Now we need to ensure the public_html folder is owned by the main user (demo) and is part of the Apache group (www-data).

How do I run a command as www-data?

4 Answers. Just use su – www-data -c ‘svnadmin create /svn/repository’ in your script run by root. So that only this command is run by www-data user. su [options] [username] The options which apply to the su command are: -c, –command COMMAND Specify a command that will be invoked by the shell using its -c.

How do I set data permissions?

1. Establish a [new directory] at /var/www.
2. Change the directory owner and group: sudo chown www-data:www-data /var/www/[new directory]
3. allow the group to write to the directory with appropriate permissions: sudo chmod -R 775 /var/www.
4. Add myself to the www-data group:

How do I change www-data?

Change Apache’s Default User www-data or Home Directory /var/www/

1. sudo nano /etc/apache2/envvars.
2. export APACHE_RUN_USER=user export APACHE_RUN_GROUP=user.
3. sudo service apache2 restart.

What is sudo chown command?

The chown command changes user ownership of a file, directory, or link in Linux. A user with sudo privileges to change the ownership. Remember to run the commands with sudo to execute them properly.

What is password for WWW-data?

www-data has no password in DietPi. Its a limited account that doesn’t allow for login as that user.

How to back up your Linux system?

What are all the Linux commands?

How to recover deleted files in Linux [beginner’s guide]?

What is the hierarchy of Linux?

Источник

How to configure PHP CLI on linux ubuntu to run as www-data?

I have a symfony2 application on my ubuntu. Symfony has a plenty of useful console commands (like php app/console cache:clear or php app/console assets:install web ). The problem is If I run them as root user the newly generated files will have root:root user/group, and if I acces my website I get errors (becouse apache cannot read/modify these files -> they should have www-data:www-data ). Running chown www-data:www-data solves the problem, but running it every time I clear my cache is not a solution.

How can I configure PHP CLI to always run as www-data user/group?

How can I run a command as a diffrent user (being root, run it as www-data)?

5 Answers 5

Run a command as another user once:

sudo -u www-data php script.php 

This should work if you have sudo installed and are root (or another user that is allowed to do that; see the sudo group, man sudoers and visudo ).

For reusability, add an alias. Place this in your .bashrc , .profile or similar (and reload the shell to make it effective):

alias phpwww='sudo -u www-data php' 

You can then type phpwww script.php and it will actually execute sudo -u www-data php script.php for you.

For other, more complex and error-prone ways, read on.

As for always running php as www-data , there are several possiblities. You could create a simple wrapper shellscript. If /usr/bin/php is only a soft-link to /usr/bin/php5 or similar, that makes it simpler. Just replace the soft-link (NOT the file php5 ) with a script like this:

#!/bin/sh sudo -u www-data php5 $* return $? 

That’s not tested though. Also be aware that this will ALWAYS try to run php5 as user www-data , even if the user may not be root and may not have permission to do so. And it may also not be what you really want. Some installed services may run into problems when trying to execute php.

A (possibly better) solution to only apply that to root may be to leave the soft-link /usr/bin/php alone and place the script in /root/bin instead. Then add that folder to PATH via .bashrc , .profile or similar. If you have /etc/skel/.profile , that may point out how that is done:

# set PATH so it includes user's private bin if it exists if [ -d "$HOME/bin" ] ; then PATH="$HOME/bin:$PATH" fi 

Once this is in your .bashrc , .profile or similar, every new shell you open will allow you to directly execute any executables (+x) in $HOME/bin ( /root/bin for root).

Hint: You may want to name the wrapper script something like phpwww so you explicitly specify php script.php or phpwww script.php to decide if you want regular or sudo’ed php.

Источник

How to test your PHP code as the www-data user

Apart from running web applications, PHP can execute commands via a shell. But testing your shell script can be tricky, especially when running it as a different user. This post will look at how you can sudo or su as the www-data user to test your PHP code.

Why the user important

For example, running an Apache user will produce different results from the root user. Note that the Apache user is also known as the www-data user. And, the www-data user does not have the same privileges as the root user.

How do you execute commands via the shell?

The exec() function is one of the popular functions for executing system-related commands. You can also use the shell_exec() function. Both functions execute commands via the shell. But the response from each is slightly different.

root vs. www-data user

A root user in any system is the primary user with all the permissions to read, write and execute commands. A www-data user is a user that web servers make use of by default for any operation. The web server can only access the files that the www-data user can access. Of course, Linux allows you to sudo or us as the www-data user. So naturally, this post will show you how to do that.

What is the PHP exec function?

The exec() function is a PHP inbuilt function that executes an external program. It returns the last line of the output as a string or FALSE if the command fails.

exec($command, $output, $return_var ) : string|false

• $command – This is the command that the exec() function will execute.
• $output – This is the parameter that specifies the array that will be filled with the command output.
• $return_var – This parameter returns the status of the executed command.

What is the PHP shell_exec function?

The shell_exec() function executes an external program. It returns the complete output as a string. Shell exec will also return false if no pipe could be established. Finally, it can return null if an error occurs or if the command produces no output.

shell_exec(string $ command): string|false|null

How to determine the user shell_exec() or exec() is running as?

This script will output the username of the running PHP process owner:

The output for the above code will be something like this:

Returned with status 0 and output: Array ( [0] => Santo )

You could also use PHP’s get_current_user() function:

How do run your code using sudo or su as the www-data user?

Login in as the Apache (www-data) user on your Linux box using the following SSH command:

sudo su -s /bin/bash www-data

This will, in turn, create temporary access as the www-data user for testing shell commands. You can now run your PHP script as the www-data user and test it. Finally, type ‘exit’ to return to your logged-in user.

Latest Posts

Scan Your Docker Images and Containers with VirusTotal: A Step-by-Step Guide

Bitbucket for Newbies: Mastering Basic Commands and Collaborating on Code

Accelerate Your Performance Testing on Ubuntu with k6 and Postman-to-k6

Solve the “Cannot read properties of undefined (reading ‘type’)” error with these simple fixes

December 19, 2022 May 1, 2023

Solving the ‘tail: inotify resources exhausted’ Error on Ubuntu

December 18, 2022 May 1, 2023

Copyright 2018-2022 Anto Online.

All rights reserved. Please consider the information, scripts and instructions carefully before using it yourself. Make sure you have ample backups! The information, scripts and instructions are provided without warranty. Consult a professional if you are unsure. Anto does not speak on behalf of any company and our opinions are our own.

The feature images have been provided by pexels.com and unsplash.com.

Источник