Difference between revisions of "Use systemctl from web script on Raspbian"

From PeTechWiki
Jump to navigationJump to search
(Created page with "On Raspbian jessie, authority to the systemctl command is managed by polkit. To allow a web script to poweroff or reboot your pi using the systemctl command, you'll need to ma...")
 
m
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
On Raspbian jessie, authority to the systemctl command is managed by polkit. To allow a web script to poweroff or reboot your pi using the systemctl command, you'll need to make some configuration changes to polkit-1.
 
On Raspbian jessie, authority to the systemctl command is managed by polkit. To allow a web script to poweroff or reboot your pi using the systemctl command, you'll need to make some configuration changes to polkit-1.
  
Create or modify /etc/polkit-1/localauthority.conf.d/60-desktop-policy.conf to have the following content:
+
Create or modify <code>/etc/polkit-1/localauthority.conf.d/60-desktop-policy.conf</code> to have the following content:
 
  [Configuration]
 
  [Configuration]
 
  AdminIdentities=unix-user:pi;unix-user:www-data;unix-user:0
 
  AdminIdentities=unix-user:pi;unix-user:www-data;unix-user:0
  
Create /etc/polkit-1/localauthority/50-local.d/www-data.pkla to have the following content:
+
Create <code>/etc/polkit-1/localauthority/50-local.d/www-data.pkla</code> to have the following content:
 
  [www-data Permissions]                                                                                                                   
 
  [www-data Permissions]                                                                                                                   
 
  Identity=unix-user:www-data                                                                                                               
 
  Identity=unix-user:www-data                                                                                                               
Line 12: Line 12:
 
  ResultInactive=yes                                                                                                                       
 
  ResultInactive=yes                                                                                                                       
 
  ResultActive=yes
 
  ResultActive=yes
You may name this file as you like, but it must have a .pkla extension.
+
You may name this file as you like, but it must have a .pkla extension. The '''Action''' keyword indicates the action ids for which authority is to be overridden. You will find these action ids defined in <code>/usr/share/polkit-1/actions/org.freedesktop.login1.policy</code>.
  
 
Configuration changes to polkit are applied in real time, so all you need to do now is run your web script from a browser:
 
Configuration changes to polkit are applied in real time, so all you need to do now is run your web script from a browser:
  <?php // reboot.php - script to reboot the system
+
  <?php
  `systemctl reboot -i`
+
// reboot.php - script to reboot the system
 +
  `systemctl reboot -i`;
 
  ?>
 
  ?>
Here the backtick operator is used to execute a shell command, and option -i is used to ignore inhibitors.
+
Here the backtick operator is used to execute a shell command, and option -i is used to ignore inhibitors. Make sure you secure access to your script as required.
  
Ref: https://www.freedesktop.org/software/polkit/docs/0.105/pklocalauthority.8.html
+
Reference: https://www.freedesktop.org/software/polkit/docs/0.105/pklocalauthority.8.html
  
 
[[Category:Raspberry Pi]]
 
[[Category:Raspberry Pi]]

Latest revision as of 16:02, 9 April 2017

On Raspbian jessie, authority to the systemctl command is managed by polkit. To allow a web script to poweroff or reboot your pi using the systemctl command, you'll need to make some configuration changes to polkit-1.

Create or modify /etc/polkit-1/localauthority.conf.d/60-desktop-policy.conf to have the following content:

[Configuration]
AdminIdentities=unix-user:pi;unix-user:www-data;unix-user:0

Create /etc/polkit-1/localauthority/50-local.d/www-data.pkla to have the following content:

[www-data Permissions]                                                                                                                   
Identity=unix-user:www-data                                                                                                              
Action=org.freedesktop.login1.*                                                                                                          
ResultAny=yes                                                                                                                            
ResultInactive=yes                                                                                                                       
ResultActive=yes

You may name this file as you like, but it must have a .pkla extension. The Action keyword indicates the action ids for which authority is to be overridden. You will find these action ids defined in /usr/share/polkit-1/actions/org.freedesktop.login1.policy.

Configuration changes to polkit are applied in real time, so all you need to do now is run your web script from a browser:

<?php
// reboot.php - script to reboot the system
`systemctl reboot -i`;
?>

Here the backtick operator is used to execute a shell command, and option -i is used to ignore inhibitors. Make sure you secure access to your script as required.

Reference: https://www.freedesktop.org/software/polkit/docs/0.105/pklocalauthority.8.html