Reset PHP cache through SQL query or from a gun on sparrows


Good time of day. Faced with such a task using an SQL query to reset PHP cache. Simply put, to remove multiple files in a specific directory. At the entrance there is:
the
    the
  • DBMS PostgreSQL 9.3
    • the
  • OS – Linux (Fedora, but not an essence important)

In the end, it turned out the decision to bundle python + C + bash (just a little). A little Unix-way, but maybe useful to someone.

Wrap the command to delete the PHP cache in a bash script, thinking about his further expansion of new functionality. Generally speaking, it would be nice to pass the desired command as a parameter. Here is the script:
the 
#!/bin/bash

function __clear_cache() {
rm /var/www/html/cache/*.php
}

FUNCS=()
FUNCS+=("__clear_cache")

function function_exists() {
local e
for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done
return 1
}

if function_exists "$1" "${FUNCS[@]}"; then
eval "$1"
else
echo "Function $1 does not exists"
exit 1
fi

Here we declare the array that will contain the list of functions (i.e. commands) and before the call command that is sent (ie, functions), check whether it is in the list. Otherwise, a bad user can pass something like rm-rf ... as a parameter that will succeed in eval. Select the owner for this script as root (though apache will be enough, but think about extensibility, not forgetting the caution) and make the script execute:
the 
chown root:root sysutils
chmod ugo+x sysutils

Execute this script from the DBMS is possible through C (a long way because of the need to bother with creating an extension to PostgreSQL) or via an unmanaged scripting language, which is plpython. But first, consider this script from the DBMS will be running as user postgres and delete the cache can only apache (at least). But do not worry, there is such a thing as SUID flag. Only here the problem is that in Linux you cannot set the SUID flag for scripts (read more — here). Actually, you can, but effective user ID will still be the same as the real one. Let's try to work around this limitation by writing a small C program that will call our script. Here is its code:
the 
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

int main(int argc, char *argv[])
{
setuid(0);

char command[255];

if (argc == 2)
{
snprintf(command, 255, "/usr/local/bin/sysutils %s", argv[1]);
system(command);
}
else
{
printf("USAGE: sysutils-core <command>\n");
}

return 0;
}

First, we set the effective user ID, then call the script and pass the parameter to the desired command. Compile the program and set the SUID flag:
the 
gcc -o sysutils-core sysutils-core.c
chmod u+s sysutils-core

Check:
the 
su postgres
./sysutils-core clear_cache

Now, on to the DBMS.

Install the extension plpython3 (pre-installed), by executing the following SQL command in the DB:
the 
CREATE EXTENSION plpython3u;

Or using the console:
the 
createlang plpython3u -h localhost -U postgres testdb

A function in the DBMS, through which will reset the cache:
the 
CREATE OR REPLACE FUNCTION clear_cache ( )
RETURNS void AS
$BODY$
import os
os.system("/usr/local/bin/sysutils-core __clear_cache")
$BODY$
LANGUAGE plpython3u VOLATILE;

Then just call sysutils-core with clear_cache option. Check:
the 
SELECT clear_cache ( );

If necessary, the function can be not only for postgres (that this user can create functions in unmanaged languages), in this case, the function when creating the option — SECURITY DEFINER (similar to SUID in the database).

That's all. If you want, you can add the transfer of arguments the new command and generally to manage linux server via a DBMS. Let this be a homework assignment.

UPD: a safer version of the C program (using execl):
Hidden text
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
#include <error.h>
#include <sys/wait.h>
#include <errno.h>

int main(int argc, char *argv[])
{
setuid(0);

if (argc == 2)
{
int status = 0;


switch (pid)
{
case -1:
printf("Fork sysutils process failed");
exit(1);
case 0:
execl("/bin/bash", "bash", "/usr/local/bin/sysutils", argv[1], NULL);
default:
wait(&status);
}
}
else
{
printf("USAGE: sysutils-core <command>\n");
}

return 0;
}

Article based on information from habrahabr.ru

Комментарии

Отправить комментарий

Популярные сообщения из этого блога

Briefly on how to make your Qt geoservice plugin

Изображение
+ =? The next step after GPS module , became its practical application in my project. Maybe someone this post will be more interesting. First, some source data: Required: the Offline mapping service the Integration with QML Features: the the libosmscout — library providing the OSM data in the wrapper with the friendly API the Qt5Location with dev branch summary of the previous 160 series In Qt since time immemorial was a wonderful beam-process QtMobility and he was so wonderful that he lived, he lived, and bent. Yes, of course, he is still here, and even used my N9 and someone's Blackberry, but the fact that Digia will no longer support this API at all. But in Digia are working not fools, they gradually started to pull the pieces QtMobility in Qt5. One such component is a QtLocation. In Qt 5.3, you can see only a piece QtLocation, QtPositioning which refers to Digia. I must say nice stuff, gave her the NMEA from the local socket, and she'
Далее...

Database replication PostgreSQL-based SymmetricDS

In this article I will tell how to configure database replication for PostgreSQL. For the experiments we use a distribution of Linux CentOS 5.3, although this is not essential. we will use a version of PostgreSQL 8.4.7 and SymmetricDS-2.2.2. What is replication? In fact, it is a mechanism to automatically synchronize the contents of databases running on different servers. As a result of replication of these databases contain absolutely identical data. This is necessary for example in order to provide fault tolerance system (in the case of the fall of the first database server, the work enters the second), or to implement load balancing, different customers can serve different server. For replication you need at least two database servers, so prepare two identical servers with a PostgreSQL database on each. The first is the IP address 10.0.2.20, the second — 10.0.2.21, both gateway 10.0.2.2. You can do a virtual machine like VirtualBox to create two virtual servers and run
Далее...

Yandex.Widget + adjustIFrameHeight + MooTools

Изображение
Many people know about this cool thing Yandex.Widget . To make your widget be easy enough to write server-side widget and connect it to Yandex.Widget via iframe . To control the widget Yandex offers APIs in a JS object widget , particularly with the help of it you can change the height of the frame under dynamic content (adjustIFrameHeight), it allows to get rid of the vertical scroll bar. But this API has a significant drawback — it is written using jQuery , which deprives developers of widgets for MooTools to use the Widget API. Below I will show how quite simple it is possible to bypass the Widget API to control the height of the frame using MooTools on the side of the widget. As we know from the contents of the frame it is impossible to access the object frame itself, if they are on different domains. To bypass this limitation, a proxy Widget API uses an iframe using hash (the content after # in the src of the frame) which provides for the exchange of comma
Далее...