
I am running the following command line:

```
myuser@server:/var/www/html/folder/htdocs$ php remove.php
myuser is not in the sudoers file.  This incident will be reported.
```

Within remove.php I run:

```php
exec('sudo -u myuser /usr/bin/wipe '.$main_path.$base.' -f -c -s');
```

And I've set my sudoers file:

```
www-data ALL=(myuser) NOPASSWD: ALL
```

And I've set sudoers to 0440:

```
-r--r----- 1 root root 838 Sep 18 11:07 sudoers
```

Why am I told that myuser isn't in the sudoers file when it is?

Antony
  • Are you *sure*? I don't think the system will lie to you about this. Try `sudo adduser yourusername sudo`. You have to do this from a user that already has sudo privilege. – Nmath Sep 18 '20 at 10:29
  • I have run that - gone back to my php script and am still getting the same message. I agree it's bizarre that the system shouldn't lie! I'm either missing something obvious or have done something weird – Antony Sep 18 '20 at 10:32
  • which user executes the php script? – Nmath Sep 18 '20 at 10:35
  • I'm now running it purely from the command line (outside of PHP) with `sudo -u myuser /usr/bin/wipe` and it's erroring too - same error – Antony Sep 18 '20 at 10:37
  • `usermod -aG sudo myuser` and a reboot did the fix :) thanks – Antony Sep 18 '20 at 10:52
  • AFAIK `www-data ALL=(myuser) NOPASSWD: ALL` allows user `www-data` to execute `sudo -u myuser somecommand` - it does **not** allow `myuser` to execute `sudo` themself. See for example [Trying to understand the difference between “modernNeo ALL=(ALL:ALL) ALL” and “modernNeo ALL=(ALL) ALL” in the sudoers file](https://unix.stackexchange.com/a/490838/65304) – steeldriver Sep 18 '20 at 11:19
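
The distinction drawn in the last comment, between the user who invokes `sudo` and the `-u` target, as an added example that is not part of the original thread. It is a simplified model of a sudoers user specification, not sudo's own parser; `parse`, `check`, `RULES` and `NARROW` are hypothetical names, the `%sudo` line is assumed to be Ubuntu's default group rule, and the narrowed rule is an assumption showing the grant limited to `/usr/bin/wipe`.

```python
import re

# Constructed sample: the rule from the question plus a %sudo group rule.
SUDOERS = """\
www-data ALL=(myuser) NOPASSWD: ALL
%sudo ALL=(ALL:ALL) ALL
"""

# Simplified user-spec grammar: who host=(runas[:group]) [NOPASSWD:] cmd[, cmd]
RULE = re.compile(r"^(?P<who>\S+)\s+(?P<host>[^\s=]+)\s*=\s*"
                  r"(?:\((?P<runas>[^)]*)\))?\s*(?P<tag>NOPASSWD:)?\s*(?P<cmds>.+)$")

def parse(text):
    rules = []
    for line in text.splitlines():
        line = line.strip()
        m = None if line.startswith("#") else RULE.match(line)
        if m:
            runas = (m["runas"] or "root").split(":")[0]
            rules.append({
                "who": m["who"],
                "runas": [u.strip() for u in runas.split(",")],
                "nopasswd": bool(m["tag"]),
                "cmds": [c.strip() for c in m["cmds"].split(",")],
            })
    return rules

def check(rules, invoker, groups, target, command):
    """Decide for the user who *invokes* sudo, not for the -u target."""
    listed, verdict = False, None
    for r in rules:  # later matching rules override earlier ones
        who = r["who"]
        if not (who in ("ALL", invoker) or (who[0] == "%" and who[1:] in groups)):
            continue
        listed = True
        if ("ALL" in r["runas"] or target in r["runas"]) and \
           ("ALL" in r["cmds"] or command in r["cmds"]):
            verdict = "allowed" if r["nopasswd"] else "allowed with password"
    if not listed:
        return "not in sudoers"
    return verdict or "not allowed"

RULES = parse(SUDOERS)
# Narrower variant (assumption, not from the thread): only wipe, not ALL.
NARROW = parse("www-data ALL=(myuser) NOPASSWD: /usr/bin/wipe\n")
```

Running the script from a `myuser` shell makes `myuser` the invoker, which the first rule never names; membership in the `sudo` group is what the second rule matches.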
