PHP won't be able to execute that code (or similar code).
With this news, then, I've decided to abandon the approach.
Granted I did some investigation first before arriving at this conclusion, but nearly everything I'm finding warns sternly against setting any mechanism or configuration that enables a PHP page to run a process as root.
NEARLY everything, that is...
Here's something called suphp, available at
http://www.suphp.org/, but frankly I'm not comfortable enough with Linux admin to want to do much of anything outside of SME's well-prescribed boundaries.
We still need to maintain the external password store, however, so what I'll do is loop through the users, attempting authentication as I go and then displaying a flag for each one that fails. A failure simply means that the admin needs to manually synchronize that user's passwords between the lists.
It's clunky but it'll work.
Thanks,
Jeff