unable to run generated python (selenium) script from PHP

Question

I have an Ubuntu machine for headless selenium tests.

I generate a python script in /var/www/tmp/random123name.py via PHP and execute them. The script works when run from command line user, fails when run from web (apache www-data:www-data user).

The script recalls some system / python modules:

from selenium import webdriver
from selenium.webdriver.support import expected_conditions as EC
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.common.by import By
from time import sleep, strftime
import os, json
from pyvirtualdisplay import Display

This code returns 1:

$python = "sudo /usr/bin/python /var/www/tmp/random123name.py";
exec($python, $output, $return);
echo "OUT<pre>".print_r($output,1)."</pre>"; #returns empty
echo "RET<pre>".print_r($return,1)."</pre>"; #returns 1

I modified /etc/sudoers this way, without luck:

www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/python

I also tried

www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/python /var/www/tmp/

added www-data to dialout group and some other tries. Thank you for your support.

Answer 1

I solved: it's not enough to exit back to youruser / root, you need to exit ssh session and reopen it in order to load everything needed for visudo to work.

Answer 2

As you yourself have figured out, changes to sudoers don't get applied to running sessions, only to new sessions. So you need to logout and login again to see it.

But much more importantly, you shouldn't need sudo for this purpose, and allowing www-data user to run python as root without password is extremely scary. Surely there is a way to make your script work without needing root privileges, as a regular user, and I strongly urge you to try to figure that out, rather than resorting to sudo for this purpose.