views:

931

answers:

7

Hello,

When i try to execute a program from php5 on my debian, the webpage freeze and the program do nothing. This script works when i call it from the command line. Safe mode is disabled. Echo stdout doesnt work (because of the freeze). I read some answers in google which tells of www permissions but if someone here have a quick and simple response...

How to debug this ?

The php call

exec("expect scripts/sshtest.exp $module");

The script code (which i found here http://bash.cyberciti.biz/security/expect-ssh-login-script/)

#!/usr/bin/expect -f
# set Variables
set module [lrange $argv 0 0]
set timeout -1
# rsync 
spawn rsync -aCb --progress --delete --backup-dir=/var/www/blabla.com/rsyncBackups/BackupedFilesFromServer23_on_  /var/www/blabla/$module  -e ssh [email protected]:/root/$module
match_max 1000000
# Look for passwod prompt
expect "*?assword:*"
# Send password 
send -- "THEPASSWORD\r"
# send blank line (\r) to make sure we get back to gui
send -- "\r"
expect eof
+1  A: 

Try

passthru("expect scripts/sshtest.exp $module 2>&1");

The 2>&1 redirects stderr to stdout and using passthru instead of exec will give you all the output.

Greg
freeze dont let me see the output.
belaz
and no apache error log
belaz
A: 

Another common catch is that when you run the command you are a different user from when apache runs the command. And often, the user apache runs as has very limited set up for security reasons.

eg. The apache user might not have the right paths installed. Use the absolute path to expect, not the relative. You can find this by running 'which expect'.

Try to 'su' to the same user apache runs as (look for 'User' command in apache conf file or simply browse 'ps aux') and run the command and see what errors you get.

James
A: 

The "user" or the "group" PHP is using to exec commands may have insufficient rights to execute one cmd in the script (or even expect itself). Have you tried using sudo to run the script as the same user you have been testing with?

timdel
+1  A: 

Why use expect at all? Set up rsync to use public/private keys (see http://troy.jdmz.net/rsync/index.html) and you will not have to use expect to enter passwords.

Marie Fischer
A: 

Are you running mod___php or suPHP?
mod_php runs scripts as the Apache user so try to su to the apache user and then run the php script from shell "php scriptname.php" and see if it's working.
If you use suPHP then su to the user under which you've setup apache to tun those scripts and the so the same "php scriptname.php" and check for the output.

daniels
A: 

Be careful with expect over php that you wait long enough before putting in your next command, and also that all your variables are correct. Greg's pointer on using 2>&1 saved me a lot of hassle.

try running

passthru("expect -d scripts/sshtest.exp $module");

-d will save your life in expect.

A: 
  1. If you're using exec instead of passthru, do it in this way: exec("/bin/bash -c 'command' > logfile_to_read_or_include_next");

  2. If you want to mess your system with spawned processes:

write a perl/c script, that would process your requests.

#!/usr/bin/perl -w
use HTTP::Daemon;
use HTTP::Status;
use strict;
  my $d = HTTP::Daemon->new(LocalPort => 10050) || die;
  print "Please contact me at: <URL:", $d->url, ">\n";
  while (my $c = $d->accept) {
      while (my $r = $c->get_request) {
          if ($r->method eq 'GET' and $r->uri->path =~/addRequest-(.*)$/) {
                # variable $1 now has your request.
                 my $rq = $1; # wash me!
                # assign it a #ID, 
                 my $id = "id".time().rand(100);
                 &run_in_another_thread($rq,$id);
              $c->send_responce($id);
          } elsif ($r->method eq 'GET' and $r->uri->path =~/seeRequest-(.*)$/) {
             $c->send_responce( &get_result_for_id($1) );
          }
          else {
              $c->send_error(RC_FORBIDDEN)
          }
      }
      $c->close;
      undef($c);
  }
}

sub run_in_another_thread {
 my ($rq,$id) = @_;
 my $evil = threads->create( sub { qx"/bin/bash -c '$rq' > logfile_$id.log" # start process
  }->detach();
}

sub get_result_for_id {
 my ($id) = @_;
 return qx"cat logfile_$id.log";
}

Next, get 127.0.0.1/addRequest-expect from your code, and voila..

mhambra