Unable to execute shell script in exec dir

StackOverflow https://stackoverflow.com/questions/11205047

  •  17-06-2021
  •  | 
  •  

Question

We have a server running PHP 4.3.9 with safe_mode ON and safe_mode_exec_dir setted to /usr/local/bin/php/

So, as it is written on php.net, we can't execute any script which is not in safe_mode_exec_dir.

I want to call unzip system command (don't have zip library) which is inside /usr/bin. So I can't call by a PHP script.

I've created a shell script which is placed in /usr/local/bin/php to execute unzip function. So basically, it takes 2 arguments (archive file and file destination).

  • When I call it in command line with simple user, it works fine.
  • When I call it with PHP script, it doesn't run (error code 127)

Shell script is with following permission : -rwxr-xr-x So It can be runned by apache users.

I can't understand why it doesn't run.

Shell script :

#!/bin/bash
DIR=$1
FILE=$2

# Write to file to check if shell script is running
echo "BANANA" > /my/path/to/app/banana-log.txt

# If file exists, run unzip
if [ -a $FILE ];
    then
        /usr/bin/unzip -u $FILE -d $DIR >> /my/path/to/app/banana-log.txt
else
    echo "FILE_NOT_FOUND $1"  >> /my/path/to/app/banana-log.txt;
fi

PHP Script :

$output = array();
$return_value = -1;

//-- Get safe_mode_exec_dir value
$shell_script = ini_get('safe_mode_exec_dir') . "/myscript.sh";
$shell_cmd = sprintf("sh %s %s %s", $shell_script, escapeshellarg('/my/destination/path'), escapeshellarg('my/path/to/archive/file.zip'));


//-- Execute command
echo "COMMAND IS : ", $shell_cmd;
$output = exec($shell_cmd, $output, $return_value);
echo "RESPONSE IS : ", implode("<br />",$output);
echo "RETURN CODE IS : ",$return_value;
Was it helpful?

Solution

After checking apache error log, I've seen following message :

sh: /usr/local/bin/php/sh: No such file or directory

So, It isn't clear but exec already call shell command. My command start by sh. Therefore, php execute following command :

sh sh /usr/local/bin/php/myscript.sh '/my/destination/path' '/my/path/to/archive/file.zip'

sh file doesn't exist at /usr/local/bin/php/

To correct this, I've juste removed "sh" from exec command and it works fine !

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top