Hello, For the moment I'm setting up a configuration with apache as loadbalancer for jboss in cluster using the ajp13 with the mod_jk. Each jboss-instance runs on a seperate IP. So I've created virtual hosts for each IP on port 80 and 443. Now I want to setup a virtual host on the main IP on port 8443 where I can create a little control panel to automaticly generate vhost files and JBoss instances. My goal is to manipulate the server only via this contral panel. Therefor I need someting to restart apache gracefully in order to take count of the new created vhost-files. I found the exec command in php and I to restart http I use /etc/init.d/htpd graceful Now how can I put this together in a form with buttons. Do I have to do something for the user that runs the script? Please help!!!
Your control panel would have to run as root to be allowed to restart Apache. If your control panel runs under an Apache vhost (on port 8443), this won't work.
Code: <?php $submit = $_POST['submit']; if($submit == "Restart") { $message = '<p>Apache is being restarted</p>'; exec('/etc/init.d/httpd graceful'); $message .= '<p>Apache was restarted</p>'; } echo '<html><head><title>Apache Restart</title></head><body>'; echo $message; echo '<form action="" method="post"> <input type="submit" name="submit" value="Restart"></form>'; ?> Something like that should do it. Save that file, chown it as root and make it 0777 (for testing)... if it works chmod it to rxrxrx
To execute a script as root, you should probably set the setuid bit: Code: chmod +s filename However, setting the setuid bit for a script, which is activated by your webserver, is a security risk. The alternative is to set a 'flag' somewhere (e.g. by creating a dummy file) and have a root cron script check if that file exists. If exists, restart apache and remove the flag file. Of course there are other mechanisms possible. You could have the crontab scan/run every minute. That way it will only take a minute before action is taken.
The sticky bit didn't work for me when I needed this and I found this false bug explaining why: http://bugs.php.net/bug.php?id=22890&edit=1 Instead, this work around helped me: http://adamyoung.net/Reload-httpd-via-PHP I haven't looked at how ISPConfig does it yet although I have been curious...
Sorry, I wasn't complete. The workaround you found is a correct/complete solution. However, keep in mind there's still a security risk. Make sure you sanity / check every input string in your PHP sripts that calls this suid executable.
There is a background daemon running as root, /root/ispconfig/sv/ispconfig_wconf, which checks every 10 seconds if the file /home/admispconfig/.run exists. If it exists, the ispconfig_wconf process starts the update process (as root). The /home/admispconfig/.run can be created by the Apache user.
