exec PHP process in background using sudo - pwd prompt fails

sneakyimp

I'd like to start a background job using the sudo command and route its output to a file.

This presents a problem because the prompt for the password doesn't work properly.

It looks something like this when I try it:

Mac:server user$ sudo php crossdomain_server.php > data/crosscomain_output.txt &
[3] 30303
Mac:server user$ Password:


[3]+  Stopped                 sudo php crossdomain_server.php > data/crosscomain_output.txt
Mac:server user$

Basically I'm not properly prompted for the password and as soon as I type anything in my background job fails because it didn't receive the password.

Is there any way to execute a sudo command by supplying the password on the same line as the command?

dagon

google found several different ways, i guess i could cut and paste, or you could just google your self!

sneakyimp

I googled and it's all about editing the sudoers file and stuff like that. This is not really what I want.

I also got something like this:

echo "password" | sudo -S command > output.txt &

But that will result in the root password showing up in a bash history and being visible to anybody looking over my shoulder.

I was really hoping for some kind of script that would prompt me for a password (which is not displayed) and would allow me to both background the process and route its output to a text file.

That's a bit harder to google for.

dagon

couldn't you do a form password field for the password and pass that to the script?

sneakyimp

That's exactly what I was hoping, but I don't really know how to do a one-line sudo command using [man]exec[/man]. Sudo lets you use the -S flag which has the following description:

-S
    The -S (stdin) option causes sudo to read the password from the standard input instead of the terminal device. The password must be followed by a newline character.

But I'm not really sure what that means. I've seen that using it, people can do things like this:

prompt# echo 'mypassword' | sudo -S php my_command.php

However, that is not particularly secure as the password might end up in a bash history somewhere. The whole stdin idea kinda confuses me. I'm also not sure if the web server keeps any kind of history where these passwords would be stored.

I'm wondering how I might get one of these:
1) A shell script that I can execute which does prompt me for a password but still outputs the script output to a text file AND sets the script as a background process.

2) Set up an apache-hosted PHP form which can securely execute a script with su/sudo permissions such that the password is not stored in a bash history or other insecure place.

I've tried a lot of stuff and nothing satisfactory yet.

sneakyimp

I'll break this down into several options of what I'd find satisfactory and just pray that people have feedback.

Acceptable solution #1 - shell script that prompts for password
As I mentioned in the original post, when I login via SSH and attempt to start a daemon process using sudo while a) backgrounding it and b) writing the output to a file then it doesn't work -- the password prompting somehow fails and when I try to type my password in, it appears as plain text which is not cool and the password is not routed to the prompt but rather interpreted as a command. FAIL.
e.g.:

Mac:server sneakyimp$ sudo php crossdomain_server.php > data/crosscomain_output.txt &
[1] 81466
Mac:server sneakyimp$ Password:
omg_here_is_my_password
-bash: omg_here_is_my_password: command not found

[1]+  Stopped                 sudo php crossdomain_server.php > data/crosscomain_output.txt
Mac:server sneakyimp$

An acceptable solution here would be the creation of a script that would either prompt me for a password and then call the sudo command for me OR write a script that I can just call using sudo so I am prompted for the password immediately and the contents of the shell script take care of backgrounding and routing output.

DOWNSIDES: Have to login via SSH to start my daemon process. Really worried about root passwd ending up in a bash history file, possibly readable by other users on shared hosting environment. General security worries.

Acceptable solution #2 - securely hosted web page that prompts for password
I've seen things like cPanel and Webhost Manager that let you do things like restart mysql or restart apache or even reboot the server. I would love a situation where the webpage (HTTPS hosted of course) prompts the user for a passwd and then supplies it to an [man]exec[/man] command. The problem is that sudo lets you specify the command but then prompts you for a password. As far as I know, exec and sudo don't really play nice together. This is the optimum solution because the PHP web form can only call sudo if the user supplies the write password. Unfortunately, I don't see how to get it to work.

DOWNSIDES: Does using "echo PASSWORD | sudo -S command" result in my root password ending up in a bash history file? This sounds insecure. How much of a security risk is it to temporarily write the root password to a file and use sudo -S to read password from the file?

Acceptable solution #3 - securely hosted web page with sudoer apache
I know you can add apache as a sudoer, but I'm really really concerned about giving apache any kind of sudo capability lest it be abused--especially if the acccess is NOPASSWD. I'm looking into how I can use the sudoers file, but would much prefer if the user must enter some kind of password AND if the the sudoer privileges apply ONLY to one or two scripts.

DOWNSIDES: Security risk in giving sudoer privs to apache. Setting up this kind of privilege involves edits to the sudoers file and possibly other permissions changes I don't yet fully understand which will likely be very confusing to people trying to run my software.

Any feedback or suggestions are welcome.

bradgrafelman

sneakyimp wrote:
DOWNSIDES: Does using "echo PASSWORD | sudo -S command" result in my root password ending up in a bash history file?

I don't see how it could, since you aren't using bash to execute that command.

Besides, even if you didn't believe me and were still paranoid about it, you could probably do something like:

exec("history -c; unset HISTFILE");

to temporarily disable the history file.

sneakyimp

Brad, thanks for your info there. I'm definitely paranoid about my root password being stored in some history file somewhere. Do you really think it's safe to use the "echo PASSWORD | sudo -S command" approach? I find myself wondering how CPanel and/or Webhost Manager accomplish this kind of thing. They have links to restart apache and mysql. Probably sudoers. 🙁

I did manage to create a script that kind of works from the command line:

# startc.sh
php ./crossdomain_server.php > data/crossdomain_output.txt & echo $! > data/crossdomain.pid

This command starts my daemon script in the background while routing its output to a text file and storing its process id in another file. I'm very pleased with it.

One can launch it using sudo and get prompted for the password:

$ sudo ./startc.sh
Password:

Now it would be RAD if I could get a browser page configured to prompt a user for the password. I will then have a super-convenient means of launching my daemon.

Then to end it, I've been told I can do something like this in shell script:

# stopc.sh
kill -15 $(cat data/crossdomain.pid)