Author Topic: php cron job, account vs root  (Read 5497 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
php cron job, account vs root
« on: January 25, 2021, 01:41:59 AM »
I have a php script that I can execute from a browser and also as a cron job using the account's cron, however I cannot execute from the terminal window or root cron job.

The script is located in the public_html folder of the account.

Why can I not execute the script from the terminal window and root cron?

Re: php cron job, account vs root
« Reply #1 on: January 25, 2021, 10:03:34 AM »
Nothing to do with CWP - just plain lack of *nix knowledge.
Quote
sudo -u username user-accessible-path-to-php php-script

Offline
*
Re: php cron job, account vs root
« Reply #2 on: January 25, 2021, 11:50:02 AM »
Quote
Nothing to do with CWP - just plain lack of *nix knowledge.
Absolutely correct both on description of the person and the problem. Any suggestions on a good *nix knowledge source/tutorial.

A windows person that has been using shared hosting forever, but obviously in need of real *nix knowledge now. Willing to learn.

Thanks for the helping hand!
« Last Edit: January 25, 2021, 12:13:34 PM by wshosted »

Re: php cron job, account vs root
« Reply #3 on: January 25, 2021, 12:28:56 PM »
It's been over 3 decades since I done a week long course in Unix, having started at CP/M & DOS 3, followed by Windoze 3!  :o
This is in addition to national education routes (with its' flaws). These days, it's MUCH simpler/cheaper to get learning, with plenty of online information - just be careful of bad info. ;)
I recall learning all DOS 5 commands but gave up with the hundreds in core *nix. ;)

Anyone running a *nix server, should really be dual booting their PC, to get a good grip on how Linux hangs together. You'll even see bits that MS tried to copy. Alternatively, grab a second-hand/mothballed machine and dedicate it to a Linux build (or two, or three).

https://uk.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-linuxmint&type=__alt__ddc_linuxmint_com&p=linux+cheat+sheet
https://uk.search.yahoo.com/yhs/search;_ylt=AwrIS.hPuQ5g_VoA_gB3Bwx.?p=learning+linux&fr2=sb-top&hspart=ddc&hsimp=yhs-linuxmint&type=__alt__ddc_linuxmint_com
(Note the Search Engine and OS used.)
This seems like a good starting point:
https://itsfoss.com/free-linux-training-courses/

[[I should add that I don't have a beard, nor sandals.  8) ]]
« Last Edit: January 25, 2021, 01:13:25 PM by cynique »

Offline
*
Re: php cron job, account vs root
« Reply #4 on: January 25, 2021, 02:51:27 PM »
I have a php script that I can execute from a browser and also as a cron job using the account's cron, however I cannot execute from the terminal window or root cron job.

The script is located in the public_html folder of the account.

Why can I not execute the script from the terminal window and root cron?

first, you should never execute scripts under the user account as root, also if this is something PHP-related then it could be a permissions issue...however nobody can't assist without checking the exact issue on the server...probably the best  is to check with some experienced sysadmin or cwp support.
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Re: php cron job, account vs root
« Reply #5 on: January 25, 2021, 03:14:06 PM »
first, you should never execute scripts under the user account as root, also if this is something PHP-related then it could be a permissions issue...
Valid points.  8)
(There are sometimes exceptions to the rule, though I'll hazard a guess this is not one of those times.)

Offline
*
Re: php cron job, account vs root
« Reply #6 on: January 27, 2021, 12:51:14 PM »
So apparently good news/bad news. Good news first: the suggestion to use
Code: [Select]
sudo -u username user-accessible-path-to-php php-script worked! The bad news, sounds like both of you feel that is not a good idea.

Since I have very limit unix experience, I have spent a couple of days trying to wrap my head around why it is a bad idea. The best I have come up with so far is: running the php script as "sudo - u user1" would elevate any inserted malicious code or mistakes I have made in the coding to root status and create a potentially explosive situation?

Let me as quickly as possible explain what I am attempting. Running WordPress sites, I wanted to make the majority of the files in the installation immutable using chattr +i, except of course for those areas that require being writable. So I am using a few lines in a bash script to get the right mix of locked files.

I have also created a php script that will run the WP auto update process that lives in the  public_html folder, because thus far that's the only way I have been successful at running the php WP update process.

Creating a root based cron to run the bash and a user account cron to run the php script works, BUT requires a root cron entry to unlock, and another to relock the files and coordinating the timing between the three.

I wanted to combine all three processes into a single fully automated process via a single cron that will:

1) unlock the WP installation (via a single bash line)
2) update WP by running the php script (currently sudo based)
3) relock the WP installation (via a multi-line bash script)

Using the sudo method on step two works perfectly, all three functions happen in order and require no timing coordination and is a very fast process.

Am I just barking up the wrong tree or is there a way to safely combine these bash/php functions?

I have for what I thought were safety reasons, avoided making shell_exec available at the user account level.

Re: php cron job, account vs root
« Reply #7 on: January 27, 2021, 02:24:21 PM »
Seems a bit like using a hammer to crack a nut.  :-X
I just install Wordfence on my client sites and leave it at that but they don't tend to mess with the workings and ask first (well behaved).
Why 'chattr' and not just 'chmod -w' ?

Have you tried inserting the php within the bash itself and running as user cron?
Pseudo code:
Code: [Select]
#!/usr/bin/bash
for $i in read file.list do
 chmod +w $i
done
/usr/local/bin/php wp-script.php
#!/usr/bin/bash
for $i in read file.list do
 chmod -w $i
done

Quote
.. avoided making shell_exec available at the user account level.
Commendable.  8)

Footnote:
You can chain (&&) individual tasks within the one cron job.
Example, for horrible Magento:
Code: [Select]
/usr/local/bin/php /home/user/public_html/bin/magento cache:clean && /usr/local/bin/php /home/user/public_html/bin/magento cache:flush > /home/user/public_html/var/log/cache.log
« Last Edit: January 27, 2021, 02:39:50 PM by cynique »