I have a PHP webpage running on the local apache installation. The page uses shell_exec to access the messages/chat.db via sqlite3.
shell_exec("sudo -u ben sqlite3 ~/Library/messages/chat.db \"SELECT ...
Before Mojave I got the response correctly, but since updating to Mojave I get:
unable to open database
When running in the Terminal directly, this same issue occurs and is solved by adding Terminal to the "Full Disk Access" pane in System Preferences.
I can't figure out what I need to add for the PHP page; I've tried everything I can find… sqlite3, apachectl, php-fpm, but nothing has worked.
What do I need to add?
FYI: ben is in the sudoers file
Best Answer
You are possibly doing it incorrectly.
First of all,
sudo
typically requires a password to be typed, and that won't happen via a Web app.Second, the _www user doesn't get to use
sudo
. That's a big security hole. Don't even think of modifying sudoers to allow it.What you should be doing instead is allow the _www user (the one the webserver runs as) access to the
chat.db
file, like this: