From owner-freebsd-questions@FreeBSD.ORG  Sat Jul 23 13:19:10 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 117C916A420
	for <freebsd-questions@freebsd.org>;
	Sat, 23 Jul 2005 13:19:10 +0000 (GMT)
	(envelope-from krolk@excite.com)
Received: from excite.com (nn8.excitenetwork.com [207.159.120.62])
	by mx1.FreeBSD.org (Postfix) with ESMTP id ADB5F43D48
	for <freebsd-questions@freebsd.org>;
	Sat, 23 Jul 2005 13:19:09 +0000 (GMT)
	(envelope-from krolk@excite.com)
Received: by xprdmailfe11.nwk.excite.com (Postfix, from userid 110)
	id 41E303E1D; Sat, 23 Jul 2005 09:19:08 -0400 (EDT)
To: freebsd-questions@freebsd.org
Received: from [84.73.114.198] by xprdmailfe11.nwk.excite.com via HTTP;
	Sat, 23 Jul 2005 09:19:08 EST
X-AntiAbuse: This header was added to track abuse,
	please include it with any abuse report
X-AntiAbuse: ID = a0691dd04bae80565516bc7e9d109f53
From: "marek" <krolk@excite.com>
MIME-Version: 1.0
X-Sender: krolk@excite.com
X-Mailer: PHP
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <20050723131908.41E303E1D@xprdmailfe11.nwk.excite.com>
Date: Sat, 23 Jul 2005 09:19:08 -0400 (EDT)
Subject: sudo for www user to run root shell script via browser
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: krolk@excite.com
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jul 2005 13:19:10 -0000


hi

I have freebsd 5.4 and need sudo for www (apache) user
to run a startup root script ntop.sh from cgi-bin directory via browser using a per script:


#!/usr/bin/perl -w
use CGI;
my $query = new CGI;

print $query->header;
print "<html>\n";
print "<head>\n";
print "<title>ntop startup script</title>\n";
print "<STYLE TYPE='text/css'>\n";
print "h3 { color: red }\n";
print "a { text-decoration: none; font: bold 14pt/16pt Ariel, serif }";
print "a:hover { color: red } /* when mouse is over link */";
print "</style>\n";
print "</head>\n";
print "<body bgcolor='#c0c0d0'>\n";
print "<center>";
print "<p><br></p>";
print "<p><br></p>";

'sudo sh /usr/local/www/cgi-bin/ntop/ntop.sh stop' or die "cannot stop ntop: $!";
sleep(8);
$cc = 'sudo sh /usr/local/www/cgi-bin/ntop/ntop.sh start' or die "cannot start ntop: $!";
print "Status: ",$cc,"\n";

print "</body>";
print "</html>";
exit($cc);



I did:

# cp /usr/local/etc/rc.d /usr/local/www/cgi-bin/ntop
# cd /usr/local/www/cgi-bin/ntop
# chmod 755 ntop.sh
# chown www ntop.sh

I've created in in /usr/local/etc/sudoers following entry:

www ALL=(ALL) NOPASSWD: ALL

but it doesn't work.

if I try from command line as root user:

# sudo -u www sh /usr/local/www/cgi-bin/ntop/ntop.sh start
ntopbsd#

ntop won't start.

what's wrong and how can I execute this script via browser ?

greetings
marek




_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!