0

I'm working on a web application that uses both C++ and PHP. The issue at hand revolves around calling a CPP executable from PHP.

Environment:

  • CentOS7
  • PHP 7.4 (Remi)
  • Apache 2.4.6
  • C++ 11

Apache runs as apache:[appgroup], and all files are owned by the same. Executable files are executable by owner and group.

However, calling the executable from php -- whether using exec(), shell_exec(), or system() -- doesn't work, despite the code working when called from the command line.

I've done some testing by running

echo exec("whoami");
var_dump(file_exists('/var/www/html/project/bin/main'));
var_dump(is_executable('/var/www/html/project/bin/main'));

(With main being a compiled C++ file, that exists, that works when called from the command line). PHP can see the file, but "is_executable" returns false. "Whoami" returns apache, as expected.

I've messed with httpd.conf, php.ini, and tried calling the file several different ways. I've created shell and "hello world" C++ files, placed them in the same directory as the php script, and still had no luck.

No matter what, the following line will not do anything (nor will any call to any other C++ executable or shell script).

exec("/var/www/html/project/bin/main > /dev/null 2>&1");

What is stopping this from working?

Improve this question
5
  • 1
    Calling executables from web application doesn't look too secure. Are you sure some SELinux or AppArmor is not preventing you from doing such risky thing? Commented Sep 26, 2019 at 20:44
  • 1
    Instead of redirecting all the output to /dev/null, return it to the PHP script so you can report the error. Commented Sep 26, 2019 at 20:47
  • 1
    The default in CentOS 7 is to run your Apache HTTP Daemon inside a chroot jail. Therefore, the full path of /var/www/ ... etc. may not exist from your PHP code's perspective, or may have a physical location different than you expect. Try running it from a relative path within the Document Root. E.g., assuming it is possible to visit http://yourdomain.com/project/index.php because file /var/www/html/project/index.php exists, try running exec for ./project/bin/main. Commented Sep 26, 2019 at 20:49
  • @barmar it does not return an error, even when output is not redirected. Commented Sep 26, 2019 at 20:58
  • @jaroslawj it looks like SELinux may have been to blame. Thanks! Commented Sep 26, 2019 at 21:14

1 Answer 1

Reset to default
1

Calling executables from web application doesn't look too secure. Are you sure some SELinux or AppArmor is not preventing you from doing such risky thing?

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This is a comment, not an answer (and in fact you did post this as comment before). If the answer to your question is "yes", then please rephrase this as an answer based on that fact, not as an open question. As it's written right now, your answer should be deleted, even with OP having accepted it.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.