I am trying to get lighttpd to serve a perl script which uses a command requiring root privs.
The script contains this line:
print ´sudo systemcl start hyperion´ or die "went wrong';
When i run it as “osmc” within the shell with “perl test.pl”, it works fine. When i call the script in the browser, it generates an internal server error (500). when I do something normal like
print "foo"
in the script, everything works fine.
I made the script executable and added this to /etc/sudoers:
If that’s a copy/paste, then it should be systemctl, not systemcl.
No it’s not, it was a typo
Yes indeed, the reason is that I am a linux-noobie and adding the mentioned code to /etc/sudoers was the only useful information I’ve found by googling “perl exec sudo cgi”.
adding www-data to group sudo would mean that the webserver could sudo ANY command - right?
Wouldn’t this be pretty insecure? As far as i understood, the mentioned code allows www-data only to sudo the perl script and /sbin/systemctl
But thanks for your tip, I will try adding www-data to sudo group to ensure that the problem is indeed based on the priviliege level and nothing is messed up in the lighthttpd config.