Question : how can i execute a command as root

I am working on a web based script that will add dns records to bind after i add a record i need to restart named this needs to be done as root. First off it is my server i have the root password etc..

system("/etc/init.d/named restart");

how can run the above command from my web based script as the root user

Answer : how can i execute a command as root

hilltop,

"..how can run the above command from my web based script as the root user...."

The solution for this would be to running the script with elevated privilege level.

You can run a script in suid mode. What this means is that instead of a script running as the user that invokes it it will run as the user that owns it.

Changing a script's permissions to indicate it should run suid involves using a less commonly known feature of the "chmod" command. A good unix reference will explain fully, but basically scripts that you want to run suid will be set up with the command "chmod 4711 scriptname" - the leading '4' indicates suid execution is desired. Setting files suid is a restricted operation, and can not be accomplished via FTP

The meaning of suid is hard to explain unless you already have a good understanding of Unix file permissions- but here's a quick example that may help:
Assume you have a script, it will be owned by you, and by default will be in group clients. Normally (since it's a CGI script) it will be set to mode 755 (which is really short for 0755) - it will execute with the permissions of whoever invokes it. That means if the script tries to read a file with mode 600 (user read/write only) the script will not be able to open the file, so an error will occurr.

If you change its permissions to 4711, it will always run with your privilege level, regardless of which user invokes it. If it tries to read that same file, it will work fine.

Running suid scripts allows much more flexibility in the operations your scripts can perform, but it comes with a price. Since you're running these scripts with elevated privileges, there are some changes that will need to be made depending upon the exact implementation. You also need to make sure the script code can not be subverted to do more than you planned to allow.

Perl also treats suid scripts specially. You will have to do one of two things to successfully run suid perl scripts. The easiest is to use the -U switch (#!/usr/bin/perl -U) which says essentially "Hey Perl- I know what I'm doing here, so don't warn me about tainted variables and things like that." The other is to go through the laborious process of "untainting" every potentially unsecure variable you use in the script. This is a big pain, but the process will teach you a lot about perl.

Hope that helps.

Random Solutions

WordPress Schema

INVALID DOMAIN NAME?

Windows Update fails to install, KB898461

DHCP Reservation Name

Change Computer Desc based on AD email field VBS

SQL Reporting Service: Datetime parameter always displays "12:00 AM"

Error:"The system is not suitable for running MS-DOS ..."

Deferred: Connection timed out sendmail

Toshiba 1900-102: problems with USB ports

Script to determine uptime for multiple servers