I'm working on a virtual machine project where I use two servers, let's call them server A and server B, both with Ubuntu 14.04 LTS installed.
Server A runs web server Apache2 with a website where users can order Virtual Private Servers. Once the order process of the user is complete, the user clicks on a button which instantiates the following command with the PHP exec() function.
ssh -p 22 [email protected] fallocate -l 2048M /home/john/images/guest.img 2>&1
This should create an image on server B where ultimately the user's Virtual Private server is created. Running previous command with user john works perfectly, but because the command is run via PHP, www-data is the user executing it.
As expected I get the following errors back:
array(3) {
[0]=>
string(36) "Permission denied, please try again."
[1]=>
string(36) "Permission denied, please try again."
[2]=>
string(39) "Permission denied (publickey,password)."
}
I know about the security risks of giving this user sudo rights to become a different user and execute the command as "john". So my question therefor is: is there any other way to do this operation without modifying www-data's permissions? I believe that SSH is the only way to create something on a remote server, or am I wrong?
I'm not going to run the website on server B to create these images locally, this is not what I want.
Is this script answered by this user worth trying? https://superuser.com/a/547577/514523