2
看来,我可以从PHP脚本不cat /dev/urandom,请记住这一点,而阅读下面的
/EDIT
我跑在尝试从PHP执行BASH脚本时出现问题,似乎停止生成rand目录(变量generate)我可以看到,如果将变量字符串更改为类似foo的东西,就像我在第e注释掉了适当执行的脚本部分。
什么是与sghell_exec'ing cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1问题得到本(可能)限制命令序列(多个)用户WWW的数据(DEB基于系统)或的httpd(基于RHEL系统)
的bash脚本
#!/bin/bash
# INP : co.sh ${website} ${branch} ${hash}
set -x # trace
declare -r hostname='localhost'
# bricks
declare -r generate=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
# works
#declare -r generate='foo'
declare -r archive="$1" # git repository name
declare -r branchd="$2" # git repo branch name
declare -r hashmap="$3" # git blob hash (6/~)
# if repository or branch is empty...
if [ '' == "${archive}" ] || [ '' == "${branchd}" ]; then
[ '' == "${archive}" ] && echo -e "ERR: Archive must be defined."
[ '' == "${branchd}" ] && echo -e "ERR: Branch must be defined."
exit 1 # err fatal
fi
# clone repository to rand directory
git clone "[email protected]${hostname}:web-archive/${archive}.git" "/var/www/html/${generate}"
cd "/var/www/html/${generate}" && git checkout "${branchd}"
position='HEAD' # pre-warm
[ '' != "${hashmap}" ] &&
{
git reset "${hashmap}" --hard # move to hash blob
position="${hashmap}" # override position
}
# encode for push
json="{'s':'${archive}','b':'${branchd}','h':'${position}','d':'${generate}'}"
echo -e "\nSUCC: ${json}"
测试运行脚本
#!/usr/bin/php
<?php
$dir=__DIR__; // curr
$site_name='www.foo.com';
$rev_hash='feb2da';
$cmd="$dir/co.sh " . escapeshellarg($site_name) . " 'render' " . escapeshellarg($rev_hash);
echo "running $cmd\n";
$ret = passthru($cmd,$return_status));
跟踪日志
running /{dir_path}/co.sh 'www.foo.com' 'render' 'feb2da'
+ declare -r hostname=localhost
++ cat /dev/urandom
++ fold -w 32
++ head -n 1
++ tr -dc a-zA-Z0-9
你的PHP会话的上下文中运行脚本?在这种情况下,检查这个问题的答案的第2部分:http://stackoverflow.com/questions/13690490/executing-a-program-from-php-hangs-apache – Claudix
@Claudix - 这看起来很漂亮的Windows特定。 ehime - 当你尝试运行它时,或者只有在通过测试运行器运行时,实际的bash脚本失败了吗?你有什么错误,如果有的话? – admdrew
你可以检查/ dev/urandom的权限吗? –