# lighthttp sudo not working after reboot



## gvandenbosch (Mar 2, 2015)

I am running a lighthttp webserver and it uses sudo to execute some commands.

After first time adding this with visudo and restarting lighthttp it works perfectly.
However when I reboot my system the sudo rights are not applied.
When I manually restart lighthttp it works again, it seems the rules are applied later than that the webserver is started. 

I don't know if this is the case and can't find a solution for this, could someone give me a pointer where to look or how to solve this?


----------



## woodsb02 (Mar 2, 2015)

gvandenbosch said:


> I am running a lighthttp webserver and it uses sudo to execute some commands.


Can you explain more what you mean by this? I have not seen www/lighttpd use security/sudo before for executing commands. Can you include any custom configuration details or code that is facilitating this? At the least it would be helpful to include your /usr/local/etc/lighttpd.conf file, along with any other customised configuration files and log entries.


----------



## gvandenbosch (Mar 2, 2015)

If I read this indeed doesn't make much sense what I wrote.

I meant that on my lighttpd I have running some PHP pages.
The PHP code executes some commands with `sudo` in front in order to execute them.

In order to give the www user the appropriate rights for sudo(8) I have installed security/sudo.
I have added www user to the wheel group
Using visudo(8) I gave the group wheel the rights for executing sudo(8) commands.

After doing that and restarting lighttpd this worked fine.

However when I give the system a reboot it stops working until I manually restart lighttpd again.
So it seems lighttpd is started before the rules from sudo are applied.


----------



## SirDice (Mar 2, 2015)

The rules for sudo(8) are applied whenever sudo(8) is executed. There's nothing to "load" beforehand and changes to the sudoers file are instantaneous.


----------



## tobik@ (Mar 2, 2015)

I am making some pretty big assumptions here, but maybe this helps. If not ignore me.

In short you probably want to setup your PHP script's PATH to include /usr/local/bin.

How do you restart `lighttpd` after boot? If you use `/usr/local/etc/rc.d/lighttpd restart` this might just be a simple PATH problem where `sudo` cannot be found.

Try restarting with `service lighttpd restart` and if that fails just like after a boot you know you have a PATH problem.  `service` sets PATH to /sbin:/bin:/usr/sbin:/usr/bin just like at boot time, using the rc-script directly does not! It inherits the PATH as set in your shell.

When you login /usr/local/bin (where `sudo` is installed) is added to your PATH, which is why it works after boot.


----------

