Difference between revisions of "Use systemctl from web script on Raspbian"
m |
m |
||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
On Raspbian jessie, authority to the systemctl command is managed by polkit. To allow a web script to poweroff or reboot your pi using the systemctl command, you'll need to make some configuration changes to polkit-1. | On Raspbian jessie, authority to the systemctl command is managed by polkit. To allow a web script to poweroff or reboot your pi using the systemctl command, you'll need to make some configuration changes to polkit-1. | ||
| − | Create or modify /etc/polkit-1/localauthority.conf.d/60-desktop-policy.conf to have the following content: | + | Create or modify <code>/etc/polkit-1/localauthority.conf.d/60-desktop-policy.conf</code> to have the following content: |
[Configuration] | [Configuration] | ||
AdminIdentities=unix-user:pi;unix-user:www-data;unix-user:0 | AdminIdentities=unix-user:pi;unix-user:www-data;unix-user:0 | ||
| − | Create /etc/polkit-1/localauthority/50-local.d/www-data.pkla to have the following content: | + | Create <code>/etc/polkit-1/localauthority/50-local.d/www-data.pkla</code> to have the following content: |
[www-data Permissions] | [www-data Permissions] | ||
Identity=unix-user:www-data | Identity=unix-user:www-data | ||
| Line 12: | Line 12: | ||
ResultInactive=yes | ResultInactive=yes | ||
ResultActive=yes | ResultActive=yes | ||
| − | You may name this file as you like, but it must have a .pkla extension. | + | You may name this file as you like, but it must have a .pkla extension. The '''Action''' keyword indicates the action ids for which authority is to be overridden. You will find these action ids defined in <code>/usr/share/polkit-1/actions/org.freedesktop.login1.policy</code>. |
Configuration changes to polkit are applied in real time, so all you need to do now is run your web script from a browser: | Configuration changes to polkit are applied in real time, so all you need to do now is run your web script from a browser: | ||
Latest revision as of 17:02, 9 April 2017
On Raspbian jessie, authority to the systemctl command is managed by polkit. To allow a web script to poweroff or reboot your pi using the systemctl command, you'll need to make some configuration changes to polkit-1.
Create or modify /etc/polkit-1/localauthority.conf.d/60-desktop-policy.conf to have the following content:
[Configuration] AdminIdentities=unix-user:pi;unix-user:www-data;unix-user:0
Create /etc/polkit-1/localauthority/50-local.d/www-data.pkla to have the following content:
[www-data Permissions] Identity=unix-user:www-data Action=org.freedesktop.login1.* ResultAny=yes ResultInactive=yes ResultActive=yes
You may name this file as you like, but it must have a .pkla extension. The Action keyword indicates the action ids for which authority is to be overridden. You will find these action ids defined in /usr/share/polkit-1/actions/org.freedesktop.login1.policy.
Configuration changes to polkit are applied in real time, so all you need to do now is run your web script from a browser:
<?php // reboot.php - script to reboot the system `systemctl reboot -i`; ?>
Here the backtick operator is used to execute a shell command, and option -i is used to ignore inhibitors. Make sure you secure access to your script as required.
Reference: https://www.freedesktop.org/software/polkit/docs/0.105/pklocalauthority.8.html
