jtzako has asked for the wisdom of the Perl Monks concerning the following question:

I have a perl script that uses Net::OpenSSH and Net::Telnet. I am able to run the script from the command line of my server (solaris) and it seems to run correctly, including the ssh and telnet parts.

However, if I try to exec that script from php it doesnt work. The files the script is supposed to create do not get created, and in the error_log I see some errors related to libssh2.so and ssh2.so. However, my PHP code has no SSH related lines. Only the Perl does.

I see this line in the log quite a few times: 

[Fri Apr 01 15:11:57 2016] [warn] (128)Network is unreachable: connect
+ to listener on [::]:443

[download]
I also see this: 
ssh: illegal option -- M
Usage: ssh [options] host [command]
Options:
  -l user     Log in using this user name.
  -n          Redirect input from /dev/null.
  -F config   Config file (default: ~/.ssh/config).
  -A          Enable authentication agent forwarding.
  -a          Disable authentication agent forwarding (default).
  -X          Enable X11 connection forwarding.
  -x          Disable X11 connection forwarding (default).
  -i file     Identity for public key authentication (default: ~/.ssh/
+identity)
  -t          Tty; allocate a tty even if command is given.
  -T          Do not allocate a tty.
  -v          Verbose; display verbose debugging messages.
              Multiple -v increases verbosity.
  -V          Display version number only.
  -q          Quiet; don't display any warning messages.
  -f          Fork into background after authentication.
  -e char     Set escape character; ``none'' = disable (default: ~).
  -c cipher   Select encryption algorithm
  -m macs     Specify MAC algorithms for protocol version 2.
  -p port     Connect to this port.  Server must be on the same port.
  -L listen-port:host:port   Forward local port to remote address
  -R listen-port:host:port   Forward remote port to local address
              These cause ssh to listen for connections on a port, and
              forward them to the other side by connecting to host:por
+t.
  -D port     Enable dynamic application-level port forwarding.
  -C          Enable compression.
  -N          Do not execute a shell or command.
  -g          Allow remote hosts to connect to forwarded ports.
  -1          Force protocol version 1.
  -2          Force protocol version 2.
  -4          Use IPv4 only.
  -6          Use IPv6 only.
  -o 'option' Process the option as if it was read from a configuratio
+n file.
  -s          Invoke command (mandatory) as SSH2 subsystem.
  -b addr     Local IP address.
login failed: filehandle isn't open at /opt/apache/htdocs/enrc/cgi-bin
+/metro_cm_tool.pl line 130

[download]

The PHP code: 

<?php

exec("/usr/bin/perl522/bin/perl /opt/apache/htdocs/enrc/cgi-bin/metro_
+cm_tool.pl");

?>

[download]

I cant figure out what PHP is doing differently than when I run the script from the command line directly.

Replies are listed 'Best First'.
Re: Execute a perl script from PHP?
by kcott (Archbishop) on Apr 02, 2016 at 11:16 UTC

    G'day jtzako,

    "ssh: illegal option -- M"

    This sounds like a pathing issue. You have code somewhere that's expecting ssh to have an M option; however, the version of ssh that's been found (using PHP) has no such option. Presumably, your command line version, does have an M option.

    From your update:

    "If I run the script manually using my own login it works. However if I try to sudo -su to the web server's username it never connects ..."

    That's a bit more evidence in favour of a pathing problem. Here's the type of thing that I think's happening: 

    $ which ssh
/opt/local/bin/ssh
$ ssh -V
OpenSSH_5.9p1, OpenSSL 1.0.0e 6 Sep 2011
$ echo $PATH
...:/opt/local/bin:...:/usr/bin:...
$ sudo su -
Password:
# which ssh
/usr/bin/ssh
# ssh -V
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
# echo $PATH
...:/usr/bin:...

    [download]
    "... the error_log I see some errors ..."

    This is a good place to look when troubleshooting; another is access_log (see Log Files). You might also consider temporarily changing the LogLevel for more verbose feedback.

    See also: Environment Variables in Apache; Apache Module mod_ssl; Apache HTTP Server Documentation.

    — Ken

[reply]
[d/l]
[select]
Re: Execute a perl script from PHP?
by jtzako (Sexton) on Apr 01, 2016 at 22:10 UTC
    So an update to this: If I run the script manually using my own login it works. However if I try to sudo -su to the web server's username it never connects w/Net::OpenSSH. Which then leads to it failing the telnet part also. I'm guessing its a permissions issue that the webserver is not able to do the SSH but I get no log entries indicating any problems.
[reply]

      Maybe your web server machine runs SELinux or something that prevents the Apache user from making outbound network requests.

      If you can reduce the Perl script to a minimal, self-contained script to reproduce the problem, maybe somebody can find the reason why things don't work.

      Have you tried launching the script directly, without PHP in the middle? Maybe from a shell script or a tiny Perl script.

[reply]

      There is also the potential that this is an environment issue or permissions. There are variables that can change where stuff is looked for on the system (LD_LIBRARY_PATH, PERL5LIB, PATH, ...) that may be set differently on a user-by-user basis.

      You could do an env from your own login and the login of the web server, and compare the differences. I would guess that the web server is a bit more restricted / limited / just plain different than your user's environment.

      --MidLifeXis

[reply]
[d/l]

Back to Seekers of Perl Wisdom