Hidden Directories

XN85Turbo

I am trying to do a "fwrite" to a file in a hidden directory. Actually I am building an interface for loading ssh keys into the users .ssh directory

/home/user/.ssh/authorized_keys2

I can write to the file if it is in;

/home/user/ssh/authorized_keys2

any ideas on how to do this correctly. I'm thinking if it wont let me, to move the dir to a non hidden dir, write the file, then move it back. But I am looking for a simpler solution.

bradgrafelman

What do you mean, "it wont let me" means what? You're getting an error? It's not writing correctly?

If it's not "letting" you do that, please be as specific as possible; include the fopen() and fwrite() coding you tried and the error PHP outputted.

XN85Turbo

maybe I will be more specific I CAN NOT WRITE TO A FILE IN A HIDDEN DIRECTORY!!!!!!

Now my work around and yes I have not put in error checking and such this is just basic write to the .ssh/authorized_keys2 file.

code:

<?php
//if(!empty($GET)) extract($GET);
if(!empty($POST)) extract($POST);

// Get info from POST
$user = $POST['username'];
$pass = $POST['password'];

//move hidden directory .ssh
$move = exec ("sudo mv /home/$user/.ssh /home/$user/ssh");

//Change file permissions to write ALL
$write = exec ("sudo chmod 666 /home/$user/ssh/authorized_keys2");
$write2 = exec ("sudo chmod 777 /home/$user/ssh");

//Write user ssh key into ssh/authorized_keys2 file
$filename = ("/home/$user/ssh/authorized_keys2");

$somecontent = "$pass\n";

// Let's make sure the file exists and is writable first.
if (is_writable($filename)) {

if (!$handle = fopen($filename, 'a')) {
echo "Cannot open file ($filename)";
exit;
}

// Write $somecontent to our opened file.
if (fwrite($handle, $somecontent) === FALSE) {
echo "Cannot write to file ($filename)";
exit;
}

// echo "Success, wrote ($somecontent) to file ($filename)";

fclose($handle);

} else {
echo "The file $filename is not writable";
}

//Change file permissions back

$write3 = exec ("sudo chmod 600 /home/$user/ssh/authorized_keys2");
$write4 = exec ("sudo chmod 700 /home/$user/ssh");
$move2 = exec ("sudo mv /home/$user/ssh /home/$user/.ssh");

header("Location: success2.php");
?>

bradgrafelman

Hmm...

What you're doing is pretty much the only thing I can think of to do, since PHP doesn't have permission to that directory. I suppose instead of renaming the entire directory, you could write to a file located somewhere PHP has write permissions, and then sudo mv the file into the hidden directory, applying the correct permissions/owners/groups also.

XN85Turbo

This is the correct way of doing it, You setup and use sudo to change permissions etc since apache runs as "nobody".

code:

<?php
if(!empty($POST)) extract($POST);

// Get info from POST
$user = $POST['username'];
$ssh = $POST['sshkey'];

//Change file permissions to write ALL
$write = exec ("sudo chmod 666 /home/$user/.ssh/authorized_keys2");
$write2 = exec ("sudo chmod 777 /home/$user/.ssh");

var_dump(is_file("/home/$user/.ssh/authorized_keys2"));
echo '<BR>';
var_dump(is_readable("/home/$user/.ssh/authorized_keys2"));
echo '<BR>';
var_dump(is_writable("/home/$user/.ssh/authorized_keys2"));
$fp = fopen("/home/$user/.ssh/authorized_keys2", 'a');
$line = "$ssh\n";
fwrite($fp, $line);
fclose($fp);

//Change file permissions to write ALL
$write3 = exec ("sudo chmod 600 /home/$user/.ssh/authorized_keys2");
$write4 = exec ("sudo chmod 700 /home/$user/.ssh");

//Change file and owner permissions since Apache runs as "nobody"
$chown = exec ("sudo chown $user /home/$user/.ssh/authorized_keys2");
$chgrp = exec ("sudo chgrp \"Domain Users\" /home/$user/.ssh/authorized_keys2");
?>