brumleyscott has asked for the wisdom of the Perl Monks concerning the following question:

Hi I'm trying to use SSH::Expect from a cgi scripts. I want the page to remote login to other machines via a webpage. The program works fine from the command line, but the webpage does not. I'm guessing that apache doesn't have rights to ssh. Does any body have any clues? Sincerely, Scott

Replies are listed 'Best First'.
Re: SSH::Expect on Webpage
by moritz (Cardinal) on Jul 30, 2008 at 14:58 UTC
    Don't just guess, look at the log files. If you coded your program correctly it will give you a nice, informative error message telling you what went wrong. If not, go fix your script.

    On my linux box ssh has permissions 755, which means that everybody, including apache, can use it. If you happen to have selinux installed and enabled that might be different, though.

[reply]
Re: SSH::Expect on Webpage
by dwm042 (Priest) on Jul 30, 2008 at 15:27 UTC
    As moritz has pointed out, ssh generally allows anybody to use it. Since the problem likely lies in a difference in your cli and cgi environment, one possibility is that your CGI scripts do not have ssh in their PATH. If so, giving the absolute path to ssh would resolve the issue.

    In any event, the other bit of advice moritz gave is also useful. Look at the Apache error log and see if it doesn't just tell you what the problem is.

[reply]
Re: SSH::Expect on Webpage
by jdrago_999 (Hermit) on Jul 30, 2008 at 18:51 UTC
    I ran into the same problem a couple weeks ago.

    What worked fine on httpd running under Ubuntu 8.04 did not work at all under Fedora Core 8. Had to do with the httpd/daemon user using a different shell (sh vs bash), different user permissions, different TTY settings, etc, etc, etc.

    My solution will be to use a daemonized Perl script running under a user account that will take care of the SSH behavior, while the CGI (or actually mod_perl2 in this case) portion just interacts with the daemon through a "queue" (in a MySQL database table).

    I've used this pattern in the past for other reasons, and it has generally worked out very well. It also scales out a bit better too, since I could conceivably have multiple daemons running on different servers, each working from the same queue, leaving the httpd server to simply process web requests, instead of dealing with remote servers as well.
[reply]
Re: SSH::Expect on Webpage
by farnsaw (Initiate) on Aug 01, 2008 at 14:03 UTC
    You don't state what platform you are running on. If you are running under windows, you will find that CGI is most likely setup to run as the "nt authority\system" user by default. When you are running as the "nt authority\system" user, you don't have network access which will preclude you from successfully running your script. Even if you are running under Linux / Unix you should still check which user your script is running as and what permissions they have.
[reply]
      I'm an equal opportunity code monkey. ;) Either is fine by me. My preference is Linux and I thought it would easier under Linux. It is trying to run as apache. Every combination I have tried of permissions has failed to produce fruit, so I thought I might be missing something. Do I need to try chmod u+s and add root as one the user or the group? Sincerely, Scott
[reply]

Back to Seekers of Perl Wisdom