We want to execute a script from our web based CRM, that executes another SSH script on another server, but this needs to be executed as ROOT.
The problem is Apache (www-data), does not have permission to execute scripts as root.
To resolve this is modify the root permissions on
To modify the sudoers the proper way you should NOT use a text editor such as vim, but to use the VISUDO tool. This is because if you mess up this file you could be locked out of your server forever, and the VISUDO has some restrictions the prevents you from messing up.
So you have to do:
And “remove” the need for Sudo for specific user no a specific file.
The ideal case would be to add the permission to a specific user and file, so that the permissions are locked down, the script should read something like this:
www-data ALL=(ALL) NOPASSWD: /var/www/html/master/Bundles/azure/lead_update-info.php
Ironically, this is not not working for me, I guess there are other permissions involved in the execution of my script, so I went with the general rule that does not lock down the file, but gives general permission (INSECURE!!!!)
www-data ALL=(ALL) NOPASSWD: ALL
Not that this is super insecure, I have added it temporarily and my application is behind a firewall so very few people have access to it.
THIS IS NOT RECOMMENDED FOR A PUBLIC SERVER AS YOU WILL BE HACKED