Running command-line application from PHP as specific user

I am running Apache on my localhost. From a PHP script run as www-user I would like to control Rhythmbox playback on my machine. So far I have a simple command in my PHP script:

exec('rhythmbox-client --pause');

This works great when I run it from the command-line as me, but if it runs as www-user I guess rhythmbox-client doesn't know/can't access my instance of Rhythmbox.

Is there an easy way for that PHP script to run as my user rather than www-user, or to tell rhythmbox-client which instance to control?

The overall application is that when my phone goes off-hook it calls my PHP script which pauses music, and resumes playback when the phone is on-hook. I love VoIP phones!

Solution: Thanks to Carpetsmoker and Tarek I used sudo as the answer but there was a couple of problems. To overcome them I did the following:

Created a bash script to call rhythmbox-client. This bash script was executed using sudo in PHP as described in the answer below. Unfortunately rhythmbox-client didn't know what environment to control, so the bash script looks like this:

#! /bin/bash
DBUS_ADDRESS=`grep -z DBUS_SESSION_BUS_ADDRESS /proc/*/environ 2> /dev/null| sed 's/DBUS/\nDBUS/g' | tail -n 1`
if [ "x$DBUS_ADDRESS" != "x" ]; then
        export $DBUS_ADDRESS
        /usr/bin/rhythmbox-client --pause
fi

Now that bash script can be executed by PHP and wwwuser, and my phone can pause/play my music!


Solution 1:

One solution is using sudo(8):

exec('sudo -u myuser ls /');

You will, obviously, need to setup sudo(8) to allow the user running your webserver to invoke it. Editing the sudoers file with visudo(8), you can use something like:

wwwuser ALL=/usr/bin/rhythmbox-client

To prevent Apache from being able to run other commands and only the rythymbox command.

Solution 2:

In my case, the solution came this way:

  1. Added this lines to sudoers file:

    myuser ALL=(ALL) NOPASSWD: /usr/bin/prlctl
    _www ALL=(ALL) NOPASSWD: /usr/bin/prlctl # IMPORTANT!!!

  2. The EXEC() command in PHP was changed to:

    exec("sudo -u myuser prlctl list -a", $out, $r);