How to make PHP list all Linux users?




I want to build a PHP-based site that automates some commands on my Ubuntu server.



The first thing I did was go to the sudoers file and add the user www-data so I can execute PHP commands with root privileges!


# running the web apps with root power!!!
www-data ALL=(ALL) NOPASSWD: ALL



then my PHP code was


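<?php
// Inner double quotes must be escaped for the string to be valid PHP
$command = "cat /etc/passwd | cut -d\":\" -f1";
echo 'running the command: <b>'.$command."</b><br />";
// exec() returns only the last line of the command's output
echo exec($command);
?>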



It returns only one user (the last user)!!! How can I make it return all users?



thank you





This is an incredibly bad idea for security reasons.
– Matt S
May 22 '10 at 22:29





Will you tell us the address of your server afterwards? :-)
– Alexander Gessler
May 22 '10 at 22:31





@Matt: yes I know, so what is the best approach to achieve such a function? @Alexander: the server is located in a private network for testing and learning purposes, sorry ;-)
– Data-Base
May 23 '10 at 7:37




4 Answers



From the PHP manual on exec:



Return Values



The last line from the result of the
command. If you need to execute a
command and have all the data from the
command passed directly back without
any interference, use the passthru()
function.
To get the output of the executed command, be sure to set and use the
output parameter.



So you have to do something similar to this:


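<?php
$output = array();
$command = "cat /etc/passwd | cut -d\":\" -f1";
echo 'running the command: <b>'.$command."</b><br />";
// exec() fills $output with one element per output line; the parameter is
// already declared by reference, so no & is used at the call site
exec($command, $output);
echo implode("<br />\n", $output);
?>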





Worked perfectly, thanks a lot :-)
– Data-Base
May 23 '10 at 7:32



Like Matt S said, that's an incredibly bad idea to allow www-data root access on your server. The slightest compromise through your web applications could allow anyone full control of your system.



A better idea would be to make separate scripts for specific accessions then use SUID permissions. This means, a specific user (in this case, www-data) can make small changes to the system through the execution of scripts. Still not a good idea, though. You may be able to work around it with suPHP but security is still a major concern.





But how can I build a page that can do some system changes? Like adding/deleting users / changing the IP and the host of the system. I will always need some admin power to do that!!!
– Data-Base
May 23 '10 at 7:26
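
One way to give a web page a narrow set of administrative actions instead of `NOPASSWD: ALL`, as an added example that is not part of the original thread. The wrapper script paths, the action names and the sudoers line shown in the comment are assumptions for illustration.

```php
<?php
// Added example; wrapper paths and action names are hypothetical.
// Assumed sudoers entry replacing "NOPASSWD: ALL":
//   www-data ALL=(root) NOPASSWD: /usr/local/sbin/webadmin-adduser, /usr/local/sbin/webadmin-deluser
// Each wrapper is assumed to be root-owned, not writable by www-data,
// and to validate its single argument again before acting.

const ACTIONS = [
    'adduser' => '/usr/local/sbin/webadmin-adduser',
    'deluser' => '/usr/local/sbin/webadmin-deluser',
];

/** Build the argv for an allowlisted action; throw on anything unexpected. */
function buildAdminCommand(string $action, string $username): array
{
    if (!array_key_exists($action, ACTIONS)) {
        throw new InvalidArgumentException('unknown action');
    }
    // Conservative login-name pattern: no metacharacters, no leading dash.
    if (!preg_match('/\A[a-z_][a-z0-9_-]{0,31}\z/', $username)) {
        throw new InvalidArgumentException('invalid username');
    }
    // sudo -n fails instead of prompting when sudoers does not allow the command.
    return ['sudo', '-n', ACTIONS[$action], $username];
}

/** Run the argv without a shell (array form of proc_open, PHP 7.4+). */
function runAdminCommand(array $argv): int
{
    $proc = proc_open($argv, [1 => ['pipe', 'w'], 2 => ['pipe', 'w']], $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start process');
    }
    error_log('admin action stdout: ' . stream_get_contents($pipes[1]));
    error_log('admin action stderr: ' . stream_get_contents($pipes[2]));
    array_map('fclose', $pipes);
    return proc_close($proc); // exit status of the wrapper (or of sudo on refusal)
}

// Constructed inputs: only the first one passes validation.
$samples = [['adduser', 'alice'], ['adduser', 'alice; id'], ['reboot', 'alice']];
foreach ($samples as [$action, $user]) {
    try {
        echo implode(' ', buildAdminCommand($action, $user)), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo "rejected ($action): ", $e->getMessage(), PHP_EOL;
    }
}
```

The demo loop only builds and prints the argument vectors; `runAdminCommand()` is left for a host where the assumed wrappers and sudoers entry exist.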



/etc/passwd is readable by anyone, so you should be able to execute your command without having any special rights (unless PHP prevents it?).



As @benjamin explains, no need to be root or sudo, no need for SUID.
Just pure PHP. I used the field names from posix_getpwnam.


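function getUsers() {
    $result = [];
    /** @see http://php.net/manual/en/function.posix-getpwnam.php */
    $keys = ['name', 'passwd', 'uid', 'gid', 'gecos', 'dir', 'shell'];
    $handle = fopen('/etc/passwd', 'r');
    if ($handle === false) {
        return $result;
    }
    while ( ($values = fgetcsv($handle, 1000, ':')) !== false ) {
        // Skip blank or malformed lines so array_combine() gets seven fields
        if (count($values) !== count($keys)) {
            continue;
        }
        // Append one associative array per user
        $result[] = array_combine($keys, $values);
    }
    fclose($handle);
    return $result;
}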



It returns an array containing all users, formatted like this:


[
[
'name' => 'root',
'passwd' => 'x',
'uid' => '0',
'gid' => '0',
'gecos' => 'root',
'dir' => '/root',
'shell' => '/bin/bash',
],
[
'name' => 'daemon',
'passwd' => 'x',
'uid' => '1',
'gid' => '1',
'gecos' => 'daemon',
'dir' => '/usr/sbin',
'shell' => '/usr/sbin/nologin',
],
...
]





