Enable shell_exec() on internal cPanel PHP (for cPanel plugin)

[mikelegg]

I'm developing a simple cPanel plugin using LivePHP that runs a couple of bash commands via shell_exec().

When I run it I get this error ...

Warning: shell_exec() has been disabled for security reasons in /usr/local/cpanel/base/frontend/x3/mypluginname/myfilename.livephp on line x

/usr/local/cpanel/3rdparty/etc/php.ini has this setting ...

disable_functions	= ;

So I can't work out why the plugin says that shell_exec() has been disabled.

Which php.ini file does LivePHP use?

 

[mikelegg]

I tried to find the php.ini file via phpinfo(), but got the error ...

Warning: phpinfo() has been disabled for security reasons in /usr/local/cpanel/base/frontend/x3/mypluginname/phpinfo.livephp on line x

 

[ModServ]

You need to remove these functions from /usr/local/lib/php.ini

To check function existence:

grep -iw "shell_exec" /usr/local/lib/php.ini

If exist you will get the whole functions so just remove it from the file and restart apache.

 

[mikelegg]

Thanks for that, I'd just done a search for all php.ini files on the server and was working my way through all the likely ones.

 

[ModServ]

Hi,

You welcome, And if you need anything in BASH just let me know.

Thanks,

 

[mikelegg]

Thanks for the offer.

The Bash stuff is really simple - it's just 2 lines to fix file and folder permissions inside the public_html folder to make them compatible with suPHP (644/755) I've been running the commands manually for years but I just wanted to create a cPanel plugin so that customers can just click a button and fix the permissions themselves.

I've almost finished it.

 

[ModServ]

That's great, I'm thinking of creating a lot of plugins but my problem is that I'm not an expert in PHP neither Perl.

 

[mikelegg]

The part I find hardest is getting my mind around how the cPanel integration works.

 

[ModServ]

Yeah, API is blowing my mind till this moment :D

Good luck with your plugin.

 

[mikelegg]

It's just dawned on me that /usr/local/lib/php.ini is used by the default PHP configuration that customers web sites use - so I've had to disable shell_exec() again which means my plugin won't work.

I assumed LivePHP would have used cpsrvd rather than the public web server.

Looks like I'll have to start from scratch and not use LivePHP.

 

[mikelegg]

OK, I've re-written my plugin using the old method instead of LivePHP.

According to CpanelPhp < SoftwareDevelopmentKit < TWiki the relevant php.ini is /usr/local/cpanel/3rdparty/etc or /var/cpanel/3rdparty/etc

(In my case it's /usr/local/cpanel/3rdparty/etc)

This php.ini contains

disable_functions    = ;

But I'm still getting ...

Warning: shell_exec() has been disabled for security reasons in /tmp/cpanel_phpengine.1318648444.24620AVb0p9xNbT on line 150

So back to my original question - what do I have to do to enable shell_exec() on cPanel's custom PHP binary?

 

[mikelegg]

OK here's the answer ...

cPanel/WHM was incorrectly using the public php.ini (/usr/local/lib/php.ini) instead of /usr/local/cpanel/3rdparty/etc/php.ini.

I fixed the problem by running /scripts/makecpphp

 

[ModServ]

Glad to hear that.

Good luck

 

[Brian]

Some further clarification here. /scripts/makecpphp shouldn't have been necessary.

What seems likely is that you did not have the touch file that is on cPanel/WHM installs by default:

/var/cpanel/usecpphp

When that empty file exists (which it does by default), cPanel/WHM uses the internal cP PHP build out of /usr/local/cpanel/3rdparty (or if custom built, /var/cpanel/3rdparty). So, it sounds like this was removed on your server which would've intentionally caused cPanel/WHM to utilize the main system PHP.

/scripts/makecpphp would've coincidentally created /var/cpanel/usecpphp, hence why it resolved the matter for you. However, rebuilding cP PHP would not have been necessary.

 

[mikelegg]

Thanks Brian

I've installed the plugin on 3 servers so far and found the same situation on each one.

Creating /var/cpanel/usecpphp is a lot quicker than running /scripts/makecpphp, so I'll use that on the rest.

 

[mambovince]

Some further clarification here. /scripts/makecpphp shouldn't have been necessary.

What seems likely is that you did not have the touch file that is on cPanel/WHM installs by default:

/var/cpanel/usecpphp

When that empty file exists (which it does by default), cPanel/WHM uses the internal cP PHP build out of /usr/local/cpanel/3rdparty (or if custom built, /var/cpanel/3rdparty). So, it sounds like this was removed on your server which would've intentionally caused cPanel/WHM to utilize the main system PHP.

/scripts/makecpphp would've coincidentally created /var/cpanel/usecpphp, hence why it resolved the matter for you. However, rebuilding cP PHP would not have been necessary.

Interesting, I just had same issue running latest STABLE version.
WHM 11.30.5 (build 3)
CENTOS 5.7 x86_64 virtuozzo

And I see no /var/cpanel/usecpphp file.

As Fantastico installs have worked without this issue for years, is it possible that latest build deleted the /var/cpanel/usecpphp file somehow?

- Vincent