launching a shell with php as root is it possible?
Hello, I am in the process of learning how to setup and configure my personal Debian sarge serveur.
This server could host in the near future other peoples sites, with php activated who will have ftp access to the server so security is an issue.
I don't want to give ssh access to my users but I would like to be able to give them the possibility to change their FTP passwords on their own, and eventually allow them to create subdomains with seperate ftp accounts.
Is it possible to, and is it safe to use PHP to foward variables and execute a shell which would change their password?
If so how would I go about doing this? Do I have to have two instances of php running to safely allow my users to change their passwords?
If not how would I go about doing this? how do programs like plesk achieve this?
I have managed to make php tell me if a user exists or not but not managed to get it to change a users password.
If I could give php root permissions or allow it to execute a script which runs with root permissions this would be great ! However my users will have php enabled on their sites and I will not be able to trust all of them.
I am not interested in using programs like webmin because I want to learn how to do all this myself. Time is not a problem I just want to learn.
Hello, me again !! Also another question ! I've just done man passwd and I can't see an option to automatize changing a password, how would I do this? Because passwd asks a question and I can't see how to answer it .. !
HI, it seems that it's not /r because running exec is the same as typing command + return. However I have found how to do this you can use this :
But this approach does not seem very safe though..
However I've decided to use the mysql plugin for proftpd which will allow me to change the FTP passwords. I have created a shell which automaticaly sets up a domaine to apache, creates the files etc.
The Mysql approach will allow me alot more freedom as to what I can allow my users to do !
If it is just for FTP accounts that you need to change the password, you could use something like PureFTP and have it setup to read the user/pass from a database and have your admin site change the DB.
Another option that was very popular back in the day is to set the users Shell to /bin/passwd. When the user logs in via SSH the passwd command is run and thats the only command that will be run for them. Once they've finished with passwd it will exit and close their SSH session.
thanks I have setup proftp with mysql, and it works great and easy to integrate to my CP !
Thanks for the ssh solution which I had not thought of! But as I now use virtual mysql ftp users no need for it.. just a simple addon to my members area and they can now change their FTP passwords etc ...
I will do the same for email and so far I think that I will setup some crons with shell scripts which access a database to automatically create the virtual hosts !