Mike Sheinberg on 13 Jan 2010 08:10:25 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] Running Apache CGI scripts as root?

So, I'm trying to solve an issue at my work where I need particular CGI scripts to have root access to a number of binaries. I have been messing with the sudoers file to try to grant this access to the particular binaries in question without requiring a password but since the 'apache' account has no shell (apache:x:48:48:Apache:/var/www:/sbin/nologin)  I get the following error:

[error] [client xxx.xxx.xxx.xxx] sorry, you must have a tty to run sudo, referer: https://xxxx.xxx.xxx/xxx.py.

After some searching some people seemed to recommend trying the apache module 'suexec' but it seemed a bit fishy to me so I thought I'd ask good ol' PLUG for some best practices advice on solving this issue. I'd also like to keep the
Defaults    requiretty  
setting in the /etc/sudoers file if possible (due to security concerns).


Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug