网站建设外文文献,网站收录一键提交,国内十大高端定制西服品牌,wordpress置顶文章 插件TLDR;我有一个shell脚本,从命令行运行时工作正常,但如果从PHP脚本中调用(通过Web访问)则不行.在这两种情况下,主叫用户都是www-data.线路失败是这样的#xff1a;openssl genrsa -des3 -out certs/$PCODE.key -passout env:PASSPHRASE 2048为什么会这样#xff1f;我该怎么调…TLDR;我有一个shell脚本,从命令行运行时工作正常,但如果从PHP脚本中调用(通过Web访问)则不行.在这两种情况下,主叫用户都是www-data.线路失败是这样的openssl genrsa -des3 -out certs/$PCODE.key -passout env:PASSPHRASE 2048为什么会这样我该怎么调试呢全文我有以下脚本,它是this gist的略微修改版本,用于生成自签名SSL证书.当我从终端运行它作为www-data时,它可以正常工作并生成密钥文件,CSR和SSL证书文件.但是当我从PHP脚本中调用脚本时,它会输出错误并且不会生成任何文件.是什么导致失败我该怎么调试呢从终端memachine$sudo su www-datawww-datamachine$./gencert.sh acmewww-data will generate an SSL cert for acme.devCommand after line 32 executed oKPassphrase expoted as I7gOnWxWd0hOk38Zu ... FbxL3K3RzlvGenerating RSA private key, 2048 bit long modulus...............................................................e is 65537 (0x10001)Command after line 49 executed oKCommand after line 54 executed oKCommand after line 65 executed oKwriting RSA keyCommand after line 69 executed oKSignature oksubject/CIR/STAlborz/.../emailAddressnoreplyacme.devGetting Private keyCommand after line 74 executed oK产生的文件 certs / acme.key.org certs / acme.key certs / acme.csr certs / acme.crt来自PHP$r /var/www/testbench/pm/shell/gencert.sh acme;echo $r;没有生成文件,输出如下www-data will generate an SSL cert for acme.devCommand after line 32 executed oKPassphrase expoted as 1Fd1seZoe2XF ... oSmQFJdVpdwOeTo2CK5VjLxpError. Return value 1 after line 49返回1的行是这样的openssl genrsa -des3 -out certs / $PCODE.key -passout envPASSPHRASE 2048这是修改后的shell脚本#!/bin/bash# Bash shell script for generating self-signed certs. Run this in a folder, as it# generates a few files. Large portions of this script were taken from the# following artcile:## http://usrportage.de/archives/919-Batch-generating-SSL-certificates.html# https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/# Additional alterations by: Brad Landers# Date: 2012-01-27# Script accepts a single argument, the fqdn for the certPCODE$1if [ -z $PCODE ]; thenecho Usage: $(basename $0) exit 11fiTHE_USER$(whoami)echo $THE_USER will generate an SSL cert for $PCODE.devfail_if_error() {[ $1 ! 0 ] {echo -n Error. Return value $1 after line $LASTLINEunset PASSPHRASEexit 10}echo Command after line $LASTLINE executed oK}# Generate a passphraseLASTLINE${LINENO}export PASSPHRASE$(head -c 500 /dev/urandom | tr -dc a-z0-9A-Z | head -c 128; echo)fail_if_error $?echo -n Passphrase expoted as printenv PASSPHRASE# Certificate details; replace items in angle brackets with your own infosubjCIRSTAlborzOACMElocalityNameKarajcommonName*.$PCODE.devorganizationalUnitNameWebAdminemailAddressnoreply$PCODE.devLASTLINE${LINENO}# Generate the server private keyopenssl genrsa -des3 -out certs/$PCODE.key -passout env:PASSPHRASE 2048fail_if_error $?LASTLINE${LINENO}# Generate the CSRopenssl req \-new \-batch \-subj $(echo -n $subj | tr \n /) \-key certs/$PCODE.key \-out certs/$PCODE.csr \-passin env:PASSPHRASEfail_if_error $?LASTLINE${LINENO}cp certs/$PCODE.key certs/$PCODE.key.orgfail_if_error $?LASTLINE${LINENO}# Strip the password so we dont have to type it every time we restart Apacheopenssl rsa -in certs/$PCODE.key.org -out certs/$PCODE.key -passin env:PASSPHRASEfail_if_error $?LASTLINE${LINENO}# Generate the cert (good for 10 years)openssl x509 -req -days 3650 -in certs/$PCODE.csr -signkey certs/$PCODE.key -out certs/$PCODE.crtfail_if_error $?解决方法:要执行的命令具有相对路径,例如certs / $PCODE.key.当您执行命令时(在这种情况下通过反引号操作符),路径相对于PHP进程的当前工作目录进行扩展.这很少(如果有的话)与命令shell使用的路径相同.要调试这个,你可以使用strace扩展你的实际命令,例如strace openssl ….这将为你提供相当大的诊断功能,接近最后,你会看到EPERM的内容.要解决此问题,您可以在PHP中使用chdir来设置当前工作目录,也可以在脚本中使用cd,或者您的脚本可以使用绝对路径.我更喜欢后者.标签php,shell,command-line,sh来源 https://codeday.me/bug/20190627/1305955.html
