Home

   WHT uses sudo to make the apache user execute commands as if they are executed from the root user.
The main purpose is to make the web server execute root commands - /usr/sbin/useradd, /bin/chmod, /usr/sbin/userdel, /usr/sbin/usermod, /usr/sbin/setquota..

How this works:

1. When installing you created apache user and group and changed the password:

    # groupadd apache
    # useradd -g apache apache
    # passwd apache

and changed the two directives in httpd.conf file User apache and Group apache.

Now the web server runs all the scripts as user apache. Every time WHT have to execute a root command it runs the following in the shell:

    # sudo -v

Sudo checks wheather apache is in the /etc/sudoers file. If there is a row

apache ALL = PASSWD: ALL

(when installing you inserted it) and asks for the apache's password.
WHT replies with the password you specified in the configuration file ($httpd_passwd). If it is the apache's password sudo allows apache to run a command as if it is root.
Then WHT executes the desired command

    # sudo -u root command

and because of a security reason tells sudo to ask for the apache's password next time it tries to run a root command

    # sudo -k

To check wheather the described procedure works go to http://your_domain.com/wht/sudo_check.php
If there is something wrong you will see a blank page.