PHP: Elevating privileges with sudo on Linux (CentOS 8 / PHP 7.4.2)

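I. Checking the current user in PHP

PHP code:

    public function ocr() {
        // User the PHP process is running as (read from the environment)
        $daemon_user = getenv('USERNAME') ?: getenv('USER');
        // Owner of the current script file
        $script_user = get_current_user();
        return Result::Success(["daemon_user"=>$daemon_user,"script_user"=>$script_user]);
    }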

Response when the endpoint is accessed:

{
code: 0,
msg: "success",
data:{
daemon_user: "nginx",
script_user: "lhdop",
}
}

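Note: daemon_user is the user that is executing the current script, usually the user/group specified in php-fpm.conf.

script_user is the owner of the script file, which can be checked with the following command: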

[root@blog controller]# ll
total 24
-rw-rw-r-- 1 lhdop lhdop  1582 Oct 20 15:13 Auth.php
-rw-rw-r-- 1 lhdop lhdop  1610 Oct 20 15:13 Home.php
-rw-rw-r-- 1 lhdop lhdop 11804 Nov  5 18:08 Image.php
-rw-rw-r-- 1 lhdop lhdop  1308 Oct 20 15:13 Index.php

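II. Configuring sudo on Linux

1. Python script

easy.py

import sys

import easyocr

# Load the Simplified Chinese and English models; CPU only, no progress output
reader = easyocr.Reader(['ch_sim', 'en'], gpu=False, verbose=False)
# Path of the image to recognise, passed as the first argument
path = sys.argv[1]
result = reader.readtext(path)
print(result)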

Output:

[lhdop@blog img2]$ python3 easy.py /home/lhdop/img2/text.jpeg
[([[237, 41], [387, 41], [387, 127], [237, 127]], '推文', 0.9029050204465915), 
([[36, 443], [761, 443], [761, 558], [36, 558]], '今天听到一个笑话:', 0.7776902087822264),
 ([[798,....

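2. Bash script

easy.sh

#!/bin/bash
# Quote the argument so a path containing spaces or wildcards is passed as one word
/usr/bin/python3 /home/lhdop/img2/easy.py "${1}"

Note: the bash script is used so that sudoers only has to allow this one specified script, which avoids security problems.

Run it: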

[lhdop@blog img2]$ /home/lhdop/img2/easy.sh /home/lhdop/img2/text.jpeg
[([[237, 41], [387, 41], [387, 127], [237, 127]], '推文', 0.9029050204465915), 
([[36, 443], [761, 443], [761, 558], [36, 558]], '今天听到一个笑话:', 0.7776902087822264),
([[798,448], [894, 448], [894, 552], [798, 552]], '美', 0.9923826635401589),
([[40, 562], [675, 562], [675, 674], [40, 674]], '国捅了欧盟一刀,', 0.6283286688234799),
...]

3. Configuring sudoers

[root@blog ~]# visudo

After the line "root    ALL=(ALL)       ALL", add one line:

nginx   ALL=(ALL)       NOPASSWD:/home/lhdop/img2/easy.sh

The result looks like this:

root    ALL=(ALL)       ALL
nginx   ALL=(ALL)       NOPASSWD:/home/lhdop/img2/easy.sh

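NOPASSWD: no password is required when executing the script that follows

ALL: the rule applies when run from any host
(ALL): which user the command may be run as; ALL means any user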
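
A stricter form of the easy.sh wrapper, added here as an example and not the author's code: the sudoers rule above places no limit on the arguments passed to the script, so the wrapper itself checks that its single argument resolves to an image file inside /home/lhdop/img2 before handing it to Python. The function names, the accepted extensions and exit code 64 are assumptions.

```shell
#!/bin/bash
# Added example: hardened variant of easy.sh (not from the original post).
# ALLOWED_DIR is hard-coded rather than read from the environment, so the
# caller of sudo cannot influence it.
ALLOWED_DIR=/home/lhdop/img2

# Print the canonical path if the argument is an acceptable image,
# otherwise return non-zero and print nothing.
resolve_image() {
    # Exactly one non-empty argument that cannot be mistaken for an option.
    [ "$#" -eq 1 ] && [ -n "$1" ] || return 1
    case "$1" in -*) return 1 ;; esac
    # Canonicalise both paths: symlinks and ../ are resolved first, so the
    # prefix comparison below is made on the real location.
    base=$(readlink -f -- "$ALLOWED_DIR") || return 1
    real=$(readlink -f -- "$1") || return 1
    case "$real" in
        "$base"/*) ;;
        *) return 1 ;;
    esac
    # Only existing regular files with an image extension (assumed list).
    [ -f "$real" ] || return 1
    case "$real" in
        *.jpg|*.jpeg|*.png) ;;
        *) return 1 ;;
    esac
    printf '%s\n' "$real"
}

main() {
    img=$(resolve_image "$@") || { echo "easy.sh: rejected argument" >&2; exit 64; }
    # Pass the canonical path, not the caller's original string.
    exec /usr/bin/python3 /home/lhdop/img2/easy.py "$img"
}

# Run only when arguments are given, so the functions can also be sourced.
if [ "$#" -gt 0 ]; then main "$@"; fi
```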

III. Calling the sudo script from PHP

    public function ocr() {
        $daemon_user = getenv('USERNAME') ?: getenv('USER');
        $script_user = get_current_user();
        // Run the wrapper as lhdop through sudo; 2>&1 folds stderr into the captured output
        $cmdtmb = "sudo -u lhdop /home/lhdop/img2/easy.sh /home/lhdop/img2/text.jpeg 2>&1";
        $rettmb = shell_exec($cmdtmb);
        return Result::Success(["daemon_user"=>$daemon_user,"script_user"=>$script_user,"cmd"=>$cmdtmb,"ret"=>$rettmb]);
    }

Response:

{
code: 0,
msg: "success",
data:{
daemon_user: "nginx",
cmd: "sudo -u lhdop /home/lhdop/img2/easy.sh /home/lhdop/img2/text.jpeg 2>&1",
script_user: "lhdop",
msg: "this is home",
ret: "[([[237, 41], [387, 41], [387, 127], [237, 127]], '推文', 0.9029050204465915), 
([[36, 443], [761, 443], [761, 558], [36, 558]], '今天听到一个笑话:', 0.7776902087822264),
([[798, 448], [894, 448], [894, 552], [798, 552]], '美', 0.9923826635401589),
([[40, 562], [675, 562], [675, 674], [40, 674]], '国捅了欧盟一刀,', 0.6283286688234799),
...] " } }

Note: Liu Hongdi's Architecture Forest, a blog focused on IT technology
Website: https://imgtouch.com
This article: https://blog.imgtouch.com/index.php/2023/06/03/php-zai-linux-shang-yong-sudo-ti-sheng-quan-xian-centos-8/
Code: https://github.com/liuhongdi/ https://gitee.com/liuhongdi
Author: Liu Hongdi  Email: 371125307@qq.com

IV. Checking the PHP and Linux versions

Check the Linux version:

[root@blog ~]# more /etc/redhat-release
CentOS Linux release 8.0.1905 (Core)

Check the PHP version:

[root@blog ~]# /usr/local/soft/php7/bin/php --version
PHP 7.4.2 (cli) (built: Apr 20 2022 16:49:58) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies