Undoubtedly, this is a bad idea from the security point of view, but in my case, my server is running on the local network and isn’t accessible from the internet. I wouldn’t suggest using this on a public facing internet connected system. Use this at your own risk.
For example, when running shell_exec and you need to execute commands as root (using a GPIO light on a raspberry pi requires running python with sudo).
- Edit the php configuration: /etc/php5/fpm/pool.d/www.conf
- change the user and group to root
- In the service definition: /lib/systemd/system/php5-fpm.service
- add the -R flag to the end of the ExecStart line (to run as root)
- Reload the configuration
$ systemctl daemon-reload
- Restart php5-fpm and nginx services.
- test it by creating (and running) a php file with contents like this:
$output = shell_exec(‘sudo whoami’);
- after running in the browser, you’ll see the username root printed if it worked.