I've made a webpage has a button that backs up the /var/www directory to a mounted USB drive. Assume that the page that this is on is completely safe and there is no way that anyone can see it. (unless actually relevant)
PHP code for the button: (I'm quite sure this isn't the issue, it works with other scripts that don't need the same privileges)
www_custom.sh code: (made to exclude files under 5MB)
I can run the script fine under my user, because I'm a sudoer and can use NOPASSWD, but it won't work with the button because www-data isn't. I read that it's a very poor idea to make apache a sudoer with NOPASSWD privileges so I won't do that. If what I'm saying makes no sense, I'm sorry. I am quite new at this, and have looked around the best I could but found no suggested alternatives.
Any ideas to make this work, whether it's a small tweak or a completely different approach, would be great. Thanks.
PHP code for the button: (I'm quite sure this isn't the issue, it works with other scripts that don't need the same privileges)
Code:
shell_exec('sh /etc/sh-scripts/www_custom.sh');Code:
#!/bin/sh
find /var/www -type f -size -5120k | xargs sudo tar czvf /media/[thumbdrive directory]/www_backup.tar.gzAny ideas to make this work, whether it's a small tweak or a completely different approach, would be great. Thanks.
