Home arrow Guides arrow Run a Service as Root From a Web App Using xinetd
Run a Service as Root From a Web App Using xinetd PDF
Tuesday, 28 February 2012
Let's say we want to run a php script as root when accessing an URL oun our server.

If you create a simple PHP script that run whoami command you will notice the script will be run as www:

  <?php
  echo exec('whoami');
  ?>


The output in browser would be:

  www

In order to run that script as root we will configure xinetd to run that script when accesing localhost on a porte defined by us.

So first we will install xinetd:

  cd /usr/ports/security/xinetd
  make install clean

Then we will create /usr/local/etc/xinetd.conf with the following content:

/usr/local/etc/xinetd.conf
service myscript
{
socket_type     = stream
protocol        = tcp
wait            = no
user            = root
server          = /usr/local/bin/php
bind            = 127.0.0.1
server_args     = -q /home/user/public_html/script.php
only_from       = 127.0.0.1
}

Then we will create a service/port association by editing /etc/services and adding the following line:

  myscript      7700/tcp


Then we will add xinetd in /etc/rc.conf to start at boot:

  xinetd_enable="YES"

Then we will start the service:

  /usr/local/etc/rc.d/xinetd start

Now create the following script that will run script.php using xinetd:

script_Execute.php
<?php
$port = 7700;
$sock = fsockopen('tcp://127.0.0.1', $port);
fclose($sock);
?>


Then using your browser go to http://your_server_ip/script_execute.php. When loading script_execute.php, /home/user/public_html/script.php will run from xinetd.

This technique is ofcourse usefull for running any kind of services from xinetd and not only for php scripts.

Last Updated ( Tuesday, 28 February 2012 )
 
< Prev   Next >

Other BSD Systems

OpenBSD

Misc

Solaris

Polls

Best BSD firewall?