Quote:
but I think why use this while I have root username and pass?
You have the password but it has to be entered when required. How do want to do that when the web server executes a script?
Quote:
And I not found /etc/sudoer directory
It is not a directory but a file. And you should use
visudo
to edit that file instead of using an editor.
The web server will not run the script as
root. In most cases the PHP script is run as the user that runs the server (e.g.
wwwrun or
apache).
When using
shell_exec
to execute commands that are not allowed for the user running the script, you have to execute that command as another user (
root in your case).
This can be done using
sudo
(
43.1.4.3.2. The sudo Command[
^]).
But
sudo
will prompt for a password which will not work when called from a script started by the web server. The solution is to allow specific users executing spefic commands using the
/etc/sudoers file (use
visudo
to edit that file).
An example entry might look like
wwwrun ALL=(root) NOPASSWD: /sbin/shutdown
But a better solution would be creating a dedicated script. This will ensure that only this script can be executed as root because it is a bad idea to give the web server account root privileges for various commands.
Move to a folder where you want to store the script (e.g.
/usr/local/bin) and create the script (named
reboot.sh here) using your favorite editor as root:
/sbin/shutdown -r now
Make the script executable:
sudo chmod u+x reboot.sh
Now edit the sudoers file and allow the script to be executed:
sudo visudo
Add this line at the bottom (assuming the PHP script is executed as user
wwwrun)
wwwrun ALL=(root) NOPASSWD: /usr/local/bin/reboot.sh
Then call this script using sudo
shell_exec('sudo /usr/local/bin/reboot.sh');