См. также этот ответ для подобного сценария.
Это входит /etc/sudoers
:
php ALL=(postgres) NOPASSWD: /the/restore/script
И Вы заставляете php дать команду как это: sudo -u postgres /the/restore/script
When using openssl verify
openssl will attempt to use a CAFile
path you specify, if one does not exist it loads the default verify path which is selected when compiled.
On my system that is /etc/pki/tls/cert.pem
.
While Openssl itself does not include any root CA certificates, most operating system distributions that include openssl do include such certificates, so you probably already have the Verisign root certificate installed on your system. For example in Debian Linux, they're in the ca-certificates package.