1. 首页
  2. 问答
  3. PHP exec(python.py),权限被拒绝写入文件

PHP exec(python.py),权限被拒绝写入文件

2017-02-21 167 views
2

我试图使用PHP的exec()函数执行python脚本。PHP exec(python.py),权限被拒绝写入文件

的PHP页面加载在浏览器:

<?php 
echo exec("whoami"); 

echo(exec("/bin/python2.7 /var/www/cgi-bin/api/download.py")); 
?>

下面是python脚本:如果执行的.py或.PHP作为Apache用户

# -*- encoding: UTF-8 -*- 

import os 
import httplib2 
import io 
import sys 
from httplib2 import Http 
from oauth2client import client 
from oauth2client import tools 
from apiclient import discovery 
from oauth2client.file import Storage 
from apiclient.discovery import build 
from oauth2client.client import OAuth2WebServerFlow 
from apiclient.http import MediaIoBaseDownload 
from oauth2client.service_account import ServiceAccountCredentials 

scopes = ['https://www.googleapis.com/auth/drive'] 

credentials = ServiceAccountCredentials.from_json_keyfile_name('/opt/scripts/full-patator-preprod.json', scopes) 

delegated_credentials = credentials.create_delegated('#############') 
http_auth = delegated_credentials.authorize(Http()) 

drive_service = build('drive', 'v2', http=http_auth) 


def get_file(service,fileId): 
    file = service.files().get(fileId=fileId).execute(http=http_auth); 
    return file 




item = get_file(drive_service,"#############") 

print(item.get('title')) 
delegated_credentials = credentials.create_delegated("#############") 
http_auth = delegated_credentials.authorize(Http()) 


request = drive_service.files().export_media(fileId="#############", mimeType='application/pdf') 

fh = io.FileIO("api/test.pdf","wb") 
downloader = MediaIoBaseDownload(fh, request) 
done = False 

counter=0; 
while done is False: 
    status, done = downloader.next_chunk() 
    print "Download %d%%." % int(status.progress() * 100) 
    counter+=1 
    if counter > 10: 
     done=True 
with open("test.pdf") as f: ## PDF File 
    print(type(f))   ## Open file is TextIOWrapper 
    bw=io.TextIOWrapper(fh) ## Conversion to TextIOWrapper 
    print(type(bw))   ## Just to confirm

一切正常。 但是用我的浏览器,当它涉及到写入文件:

fh = io.FileIO("api/test.pdf","wb")

我有这个输出在我的Apache的error_log:

Traceback (most recent call last): File "/var/www/cgi-bin/api/download.py", line 46, in fh = io.FileIO("test.pdf","wb") IOError: [Errno 13] Permission denied: 'test.pdf'

好吧,我敢肯定,这是由于权限父文件夹,然后是父项的父项权限。但我对这些文件夹设置了777权限,它什么也没做。

我的PHP脚本是在/var/www/html/manager/execute.php 我的.py脚本在/var/www/cgi-bin/api/download.py

文件夹/ WWW/,/ cgi-bin /,/ api /拥有777个权限。

我知道这不是一个好习惯,但我想在做一些更干净的事情之前解决这个问题。

在此先感谢

来源

2017-02-21 Adrien QUINT

+0

如果你调用PHP文件在浏览器中的你将成为用户'WWW-data'。而普通的'www-data'在命令行上不应该拥有太多的权限。 – JustOnUnderMillions

+0

PHP脚本以谁的身份运行?该用户/组是否有权运行Python脚本? –

+0

你好,我可以假设PHP运行为Apache用户,因为当我执行: shell_exec(“whoami”); 它返回我“apache” 当然,apache是​​.py文件的所有者 –

回答

相关问题

 相关问题