Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 45
  1. #16
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    Hmm... didn't think about that happening. Maybe write a custom restart program that forks after being called?

  2. #17
    Regular Coder thesmart1's Avatar
    Join Date
    Dec 2005
    Posts
    369
    Thanks
    7
    Thanked 3 Times in 3 Posts
    Forks? What do you mean?

  3. #18
    New to the CF scene
    Join Date
    Apr 2008
    Posts
    3
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Arrow Adam Young here.

    Hello, author of mentioned httpd restart script here. Thought I'd add my 2 cents and a "better" (?) solution. First I'll reply to some comments:

    #3 Even if the user has permissions to execute /etc/init.d/httpd it won't work because only root can open ports below 1024.

    #4 Assuming it ran correctly I don't think you get a response because it's set in 'at' to run NOW. If it were set to a little later you should but you need the fix #5 caught.

    #5 Yes I think you're right that it should test == 0

    #6, #7 I doubt the command actually ran (maybe httpd stop) but a restart does not work in my tests.

    #11 It sounds like you didn't set the suid bit: chmod +s httpd_reload

    #12 ISPConfig uses a daemon that checks for a reload file every 10 seconds. Seems like overkill to me.

    #13 It sounds like you want to RELOAD not RESTART httpd. You don't want the server restarting each time when all it needs to do is re-read the config files. Restarting=downtime.

    #16 I'm not a great system programmer but I tried forking and it didn't work for me. The new process was still a child of the httpd. This is why I'm using the 'at' daemon.

    New solution:
    First, the code (this won't work until you read setup below).
    PHP Code:
    <?php
    exec
    ('echo "/usr/bin/sudo /sbin/service httpd restart" | /usr/bin/at now');
    ?>
    The setup:
    You will need sudo and atd installed and running.

    Edit your sudoers file (via visudo) and add a line like this:
    adam ALL= NOPASSWD: /sbin/service httpd restart

    edit: I forgot you also need to make sure requiretty is disabled. Look for a line like this and comment it out:
    Defaults requiretty


    Replace "adam" with whatever process is running the php file. I use suPHP to run scripts as their owner so for me it's "adam".

    Next, test or make sure whatever user is running the script has permission to use atd (I don't know if apache user does by default, I'd guess no.) You'll need to edit /etc/at.allow and/or /etc/at.deny.

    How I test if it worked
    I have /server-status enabled (check your httpd.conf) and pull up the page to see the Server uptime. If it's been restarted OR reloaded the uptime is reset.

    Some more words of wisdom for thesmart1
    If you're planning on doing a hosting solution then you'll probably want to use the php-cgi and suPHP or suexec instead of mod_php.so even though there's a performance hit. Also, if you expect a high amount of vhost changes then a setup like ISPConfig uses is probably a better idea.

    Oh, and you should change the above script to reload instead of restart. You'll still need 'at'.
    Last edited by adamyoung; Apr 22nd, 2008 at 06:57 PM. Reason: forgot a step in sudo setup

  4. Users who have thanked adamyoung for this post:

    thesmart1 (Apr 24th, 2008)

  5. #19
    Regular Coder thesmart1's Avatar
    Join Date
    Dec 2005
    Posts
    369
    Thanks
    7
    Thanked 3 Times in 3 Posts
    Hi Adam Young, welcome to the forums

    Quote Originally Posted by adamyoung View Post
    Edit your sudoers file (via visudo) and add a line like this:
    adam ALL= NOPASSWD: /sbin/service httpd restart

    edit: I forgot you also need to make sure requiretty is disabled. Look for a line like this and comment it out:
    Defaults requiretty
    I have that line in the file for apache. I don't have the line "Defaults requiretty" in the file at all.

    Quote Originally Posted by adamyoung View Post
    You'll need to edit /etc/at.allow and/or /etc/at.deny.
    I didn't have an at.allow file, and my at.deny file is empty. I created an at.allow file and added apache to it.

    Quote Originally Posted by adamyoung View Post
    I have /server-status enabled (check your httpd.conf) and pull up the page to see the Server uptime. If it's been restarted OR reloaded the uptime is reset.
    Thanks for the tip, this is a nice way to check for restarts/reloads.

    Quote Originally Posted by adamyoung View Post
    Oh, and you should change the above script to reload instead of restart. You'll still need 'at'.
    Yeah, I changed it to reload (though in the error_log it looks the same as a restart when reload is called from the console).

    Anyway, I tried everything you said, and added two parameters to exec() in the php script to better see what's going on. When run, the integer return value is 0, but httpd never reloaded. I checked the error_log, and there's another job number and time. Is executing an echo statement in the php file just reporting the results back to Apache? Even so, it should execute the rest just fine...

  6. #20
    New to the CF scene
    Join Date
    Apr 2008
    Posts
    3
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Lightbulb

    Today's your lucky day, I had one server not running suphp to test on. It took me quite awhile to figure out what was going wrong.

    First, remove /etc/at.allow, you don't need it and it could lead to wtf? moments down the road. (If at.allow exists, only those users listed in it can run at).

    Since you're using apache user and the apache user doesn't normally have a shell (/sbin/nologin) then you need to add putenv('SHELL=/bin/bash'); into the php script before the exec() line.

    at requires a shell to be set to execute the commands. You can use any normal shell it doesn't have to be /bin/bash

  7. Users who have thanked adamyoung for this post:

    thesmart1 (Apr 26th, 2008)

  8. #21
    Regular Coder thesmart1's Avatar
    Join Date
    Dec 2005
    Posts
    369
    Thanks
    7
    Thanked 3 Times in 3 Posts
    Alright, I did all that (removing at.allow and adding the putenv('...')) and still just a job number... No change in the server uptime.

  9. #22
    New to the CF scene
    Join Date
    Apr 2008
    Posts
    3
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Check to make sure your sudo is working correctly. Switch apache user's shell to be /bin/bash and su apache to try it out

  10. #23
    Regular Coder thesmart1's Avatar
    Join Date
    Dec 2005
    Posts
    369
    Thanks
    7
    Thanked 3 Times in 3 Posts
    Alright, after doing all that I'm still getting the job numbers at the console, for example:
    job 51 at 2008-04-28 06:39


    And there's still no change in server uptime.

  11. #24
    Regular Coder thesmart1's Avatar
    Join Date
    Dec 2005
    Posts
    369
    Thanks
    7
    Thanked 3 Times in 3 Posts

    PHP and Cron?

    Maybe I can use Cron to run PHP scripts as root? For example, I (or anyone) loads a page and it creates a file on the server. Every minute or so, a PHP file is run on the server as root; it looks for the file, and if present it reloads Apache.

    PHP is an Apache module on my server, so from what I've read I would have to install Lynx to do this? Is there any possibility that it would run locally as root and not through httpd as apache?

    By the way, I'm mentioning PHP because I am only starting to learn C and don't know C++ or any other languages that could run on Linux. However, I am also looking into how to do this in C, since I don't think what I said above will work.

    EDIT: I wrote, compiled, and tested a working C program to check for a file in its directory, and attempt to reload httpd and remove the file if it exists. I'll add this as a cron job and use this method unless anyone knows of a better/simpler/easier method.
    And also, I'd like to make an error log with this program, in case there's ever an issue, but I'll leave that to later... right now I have something that works and that's all I really need for now

    EDIT: I tried adding the program as a cron job to run every minute. This is my cron file:
    * * * * * /var/www/httpd_reload/reload_test
    I created a file (with the name that the program will look for in the correct directory). However, it doesn't seem to run at all. I've even tried rebooting the server, and I still see no evidence of it running.
    By the way, the location above is just what was convenient for me at the time (and will be, as the PHP file must have easy access to the directory). I may move it later.

    EDIT: Also, I made a PHP file to create a file in the same directory as the C program, so obviously the file is owned by the user apache. If I try to run the program from the console, it can't find the file (and thus simply exits as expected). It finds the file (and reloads httpd) if the owner is root, though. Shouldn't it find the file no matter who owns it, since I'm running it as root AND all users have read permissions on the file?
    Last edited by thesmart1; Apr 28th, 2008 at 11:31 PM. Reason: Cron issue and file ownership/readability issue

  12. #25
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    Quote Originally Posted by thesmart1 View Post
    EDIT: Also, I made a PHP file to create a file in the same directory as the C program, so obviously the file is owned by the user apache. If I try to run the program from the console, it can't find the file (and thus simply exits as expected). It finds the file (and reloads httpd) if the owner is root, though. Shouldn't it find the file no matter who owns it, since I'm running it as root AND all users have read permissions on the file?
    Maybe not if PHP is only installed as an Apache module. Not sure about that as I've not tried using the Apache user to do anything.

    Try something like php -v on the console to check if it can run the CLI version.

  13. #26
    Regular Coder thesmart1's Avatar
    Join Date
    Dec 2005
    Posts
    369
    Thanks
    7
    Thanked 3 Times in 3 Posts
    To clarify, I wrote a simple program in C to look for a file in its directory. If it finds this file, it reloads httpd and removes the file (so it won't continue to run unecessarily). It works perfectly if I manually create the file (with root ownership) and run the program manually (from the console as root). I then tried writing a PHP file to create a file in the C program's directory and chmod'ed write permissions for apache in said directory. I ran the PHP script, and it created the file (with apache as the owner, as expected). When I run my C program from the console, it fails to find the file and exits. I may be able to work around this by chown'ing the file in the directory from within the program, each time its run before looking for the file, so it'll be owned by root as before. I have not yet tried this, though I think it will work.

    My bigger problem is automation. I'm trying to set the program to run as root every minute (I may increase the time to five or ten minutes later) with cron. I used crontab to add the line I pasted in my last post. The program didn't seem to run, even after a server reboot and while looking for a file owned by root.

    Sorry if my last post and all my edits confused you, after a while I started to confuse myself.
    I did try what you said, even though PHP isn't the problem and I'm not trying to do anything more with apache than create a file. I didn't see anything about CLI (just version, build date, copyright, and zend engine version).

  14. #27
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    Ok, sorry about that. I was confused as to where the problem was.

    When you say "When I run my C program from the console..", who is "I"? Apache, root, or some other user? That's something else that's confusing me. Tough to tell which user is doing what.

    I see something above about permissions, but is that file permissions or folder permissions. I think a directory needs a certain permission set to allow non-root to execute a file, but it's been a while since I've dealt with that.

    Regarding the cron script, it is set as executable, yes? I ask because forgetting to set the +x is a stupid mistake I make often.

  15. #28
    Regular Coder thesmart1's Avatar
    Join Date
    Dec 2005
    Posts
    369
    Thanks
    7
    Thanked 3 Times in 3 Posts
    Quote Originally Posted by tomws View Post
    When you say "When I run my C program from the console..", who is "I"? Apache, root, or some other user? That's something else that's confusing me. Tough to tell which user is doing what.
    Sorry, that was as root. I just tried su'ing in as apache and running it, and I got the following error:
    not reloading due to configuration syntax error
    And I don't see anything about this in the httpd error_log.

    Quote Originally Posted by tomws View Post
    Regarding the cron script, it is set as executable, yes? I ask because forgetting to set the +x is a stupid mistake I make often.
    Do you mean /var/spool/cron/root? Or the C program to reload httpd?

  16. #29
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    Quote Originally Posted by thesmart1 View Post
    Sorry, that was as root. I just tried su'ing in as apache and running it, and I got the following error:
    not reloading due to configuration syntax error
    And I don't see anything about this in the httpd error_log.
    But the same file works for root? That's odd.

    Quote Originally Posted by thesmart1 View Post
    Do you mean /var/spool/cron/root? Or the C program to reload httpd?
    The compiled C program. /var/www/httpd_reload/reload_test

  17. #30
    Regular Coder thesmart1's Avatar
    Join Date
    Dec 2005
    Posts
    369
    Thanks
    7
    Thanked 3 Times in 3 Posts
    Yeah, all users have execute permissions on it.

    And I assume that configuration syntax error mentioned before is referring to a conf file (most likely httpd.conf)?


 
Page 2 of 3 FirstFirst 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •