httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Laura Vance <van...@winfreeacademy.com>
Subject Re: [users@httpd] Invoking shutdown from a CGI program/script
Date Tue, 18 May 2004 18:02:53 GMT


Joseph A. Nagy, Jr. wrote:

>On Tue, May 18, 2004 at 11:54:52AM -0400, Joshua Slive wrote the following:
>  
>
>>On Tue, 18 May 2004 cnelson@nycap.rr.com wrote:
>>    
>>
>>>I *know* this sounds like a generally bad idea.  I've no question of
>>>that.  Please don't tell me, "Don't do that."
>>>
>>>I'm building a dedicated Linux-based device with an embedded Apache
>>>server and I want the user (who's logged in via HTTPS) to be able to
>>>reboot the system from a web page.
>>>
>>>I've read the FAQ and skimmed the archives.  I believe I know that
>>>suEXEC won't let me run the shutdown script as root.  So, how can I
>>>reboot my system from a web page served by Apache?
>>>      
>>>
>>The traditional solution is sudo:
>>http://www.courtesan.com/sudo/
>>    
>>
>That'd work but is SSH access an option?
>
I don't use this to reboot the machine, but I use it for some very 
limited remote administration tasks such as changing users passwords and 
creating email accounts.

1. Have a process running as root that check for the existance of a file 
or specific content within a file every few seconds.
2. Set your CGI program running in apache to create whatever the root 
process is waiting for in a location that apache can write to.
    (I use /var/www/files/ and it's not aliased or in documentroot, so 
httpd can't see it, but CGI processes running as apache can)
3. When the process running as root receives the signal, it clears the 
file then starts the reboot process.
4. In your start scripts make sure that the process starts back up and 
continues watching for the file/data in the file.

Mine has an added level where the process running on the apache server 
sends the file to the mail server so the process running on the mail 
server can then act on the data in the file.  I also encrypt the data in 
the file to prevent file interception in the few seconds before the 
process reads it.

-- 
Thanks,
Laura Vance
Systems Engineer
Winfree Academy Charter Schools, Data-Business Office
1711 W. Irving Blvd. Ste 310
Irving, Tx  75061
Web: www.winfreeacademy.com



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message