11-04-2018
Putting sudo scripts embedded in php code at user clicks is not advisable nor desirable.
It is a major security issue and should be treated like that.
Why not use existing tools, which have agents and API(s) at your disposal.
Include those in your project if you require such actions.
Restarts, deployments will be transparent to user, not dependent on application itself and fairly secure.
If you really need user interaction for such tasks, otherwise cron is fine, and best would be to see why application needs to be restarted
Hope that helps
Regards
Peasant.
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello,
I am new to unix, but wanted to know how can we fetch data from a web page (i.e. an HTML Page), my requirement is to read an html page and wanted to create a flat file (text file) based on the contents available in the mentioned HTML page.
Thanks
Imtiaz (3 Replies)
Discussion started by: Imtiaz
3 Replies
2. Shell Programming and Scripting
Wish you all a very happy new year.
I have a web url "http://marabou.mis.amat.com/cgi-bin/iman?IMAN_server_report=full"
where marabou.mis.amat.com is my server name. the page content is below.
*********************************************************
TcEng Web server report
Thu Jan 4... (4 Replies)
Discussion started by: Krrishv
4 Replies
3. Solaris
Hi there. I'm trying to upgrade a Sun Blade 100 to Solaris 9.
I downloaded and burned the install, disc 1, disc 2 and tools CDs from Sun. I turned off auto-boot, put in the CD and enter the following:
# boot cdrom -nowin
The cdrom boot starts, and I get prompted to choose a language... (2 Replies)
Discussion started by: calenti
2 Replies
4. UNIX for Dummies Questions & Answers
Hi all,
I am new to UNIX and so am struggling a bit on using the right commands.
I am working on a remote UNIX server and i need to load a web page using firefox. I can use the client IP address to access the web page but i am not able to do so because the command i am typing is wrong.
... (1 Reply)
Discussion started by: greg15
1 Replies
5. Web Development
Hello,
I have created a web page on a server using apache and added .htaccess and .htpasswd in the folder for authentification.
I was wondering if there was anyway to tie-in the login for this page with the login used to logon to the server.
i.e. the same login info. is used for both,... (2 Replies)
Discussion started by: WhotheWhat
2 Replies
6. Cybersecurity
Hello,
I have created a web page on a server using apache and added .htaccess and .htpasswd in the folder for authentification.
I was wondering if there was anyway to tie-in the login for this page with the login used to logon to the server.
i.e. the same login info. is used for both, when... (1 Reply)
Discussion started by: WhotheWhat
1 Replies
7. Web Development
Hi,
I have html page in my unix machine(server), which I will open with firefox or mozilla available in unix machine. Firefox or mozilla will be opened using x windows.
Since I have access to unix machien(like other users) and this HTML page is for user having access to Unix machine, I see no... (7 Replies)
Discussion started by: vamanu9
7 Replies
8. Web Development
Hi All,
I'm getting this below error
bash-4.1$ ./apachectl -k start
(98)Address already in use: make_sock: could not bind to address hostname:18000
no listening sockets available, shutting down
Unable to open logs
I tried to change the port number, still same error:
... (5 Replies)
Discussion started by: raghur77
5 Replies
LEARN ABOUT LINUX
sudo_root
sudo_root(8) System Manager's Manual sudo_root(8)
NAME
sudo_root - How to run administrative commands
SYNOPSIS
sudo command
sudo -i
INTRODUCTION
By default, the password for the user "root" (the system administrator) is locked. This means you cannot login as root or use su. Instead,
the installer will set up sudo to allow the user that is created during install to run all administrative commands.
This means that in the terminal you can use sudo for commands that require root privileges. All programs in the menu will use a graphical
sudo to prompt for a password. When sudo asks for a password, it needs your password, this means that a root password is not needed.
To run a command which requires root privileges in a terminal, simply prepend sudo in front of it. To get an interactive root shell, use
sudo -i.
ALLOWING OTHER USERS TO RUN SUDO
By default, only the user who installed the system is permitted to run sudo. To add more administrators, i. e. users who can run sudo, you
have to add these users to the group 'admin' by doing one of the following steps:
* In a shell, do
sudo adduser username admin
* Use the graphical "Users & Groups" program in the "System settings" menu to add the new user to the admin group.
BENEFITS OF USING SUDO
The benefits of leaving root disabled by default include the following:
* Users do not have to remember an extra password, which they are likely to forget.
* The installer is able to ask fewer questions.
* It avoids the "I can do anything" interactive login by default - you will be prompted for a password before major changes can happen,
which should make you think about the consequences of what you are doing.
* Sudo adds a log entry of the command(s) run (in /var/log/auth.log).
* Every attacker trying to brute-force their way into your box will know it has an account named root and will try that first. What they do
not know is what the usernames of your other users are.
* Allows easy transfer for admin rights, in a short term or long term period, by adding and removing users from the admin group, while not
compromising the root account.
* sudo can be set up with a much more fine-grained security policy.
* On systems with more than one administrator using sudo avoids sharing a password amongst them.
DOWNSIDES OF USING SUDO
Although for desktops the benefits of using sudo are great, there are possible issues which need to be noted:
* Redirecting the output of commands run with sudo can be confusing at first. For instance consider
sudo ls > /root/somefile
will not work since it is the shell that tries to write to that file. You can use
ls | sudo tee /root/somefile
to get the behaviour you want.
* In a lot of office environments the ONLY local user on a system is root. All other users are imported using NSS techniques such as
nss-ldap. To setup a workstation, or fix it, in the case of a network failure where nss-ldap is broken, root is required. This tends to
leave the system unusable. An extra local user, or an enabled root password is needed here.
GOING BACK TO A TRADITIONAL ROOT ACCOUNT
This is not recommended!
To enable the root account (i.e. set a password) use:
sudo passwd root
Afterwards, edit the sudo configuration with sudo visudo and comment out the line
%admin ALL=(ALL) ALL
to disable sudo access to members of the admin group.
SEE ALSO
sudo(8), https://wiki.ubuntu.com/RootSudo
February 8, 2006 sudo_root(8)