Allow user to SUDO a script without password.
- by John Isaacks
I have a php script with this:
<?php
#echo exec('whoami');
$output = shell_exec('bash /usr/local/svn/bash_repo/make-live');
echo "$output";
?>
The make-live script contains this:
#!/bin/bash
cd /var/www-cake
sudo svn checkout file:///usr/local/svn/bash_repo/repo/
echo "Head revision has been pushed to live server"
So the PHP user who is www-data needs to have nopasswd for that script. I am told I need to add:
www-data ALL=NOPASSWD:
/usr/local/svn/bash_repo/make-live
To sudoers to allow this. First I run sudo visudo but I have no experience with vi so I try to open it in gedit with export EDITOR=gedit && sudo -E visudo which then just opens a sudoers.tmp file which is empty. I add the line and save it. But it doesn't do save.
So I just try sudo visudo and I add the line right beneath this part:
# User privilege specification
root ALL=(ALL) ALL
www-data ALL=NOPASSWD: /usr/local/svn/bash_repo/make-live
I closed out sudoers and reopened to verify that it has saved. I even restart apache.
I run the php file and it still doesn't work.
What am I missing?