Question

修改

似乎我不能从PHP脚本中cat /dev/urandom，请在阅读以下内容时牢记这一点

/修改

我在尝试从PHP执行BASH脚本时遇到了一个问题，似乎停止生成rand目录（变量generate）我可以看到我是否将变量字符串更改为{{1}正如我在脚本的注释掉部分所做的那样，它会正确执行。

sghell_exec'ing foo的问题是这个（可能）限制命令序列到用户www-data（基于DEB的系统）或httpd（基于RHEL的系统）

bash脚本

cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1

测试跑步者脚本

#!/bin/bash

# INP : co.sh ${website} ${branch} ${hash}

set -x # trace

declare -r hostname='localhost'

# bricks
declare -r generate=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)

# works
#declare -r generate='foo'

declare -r archive="$1" # git repository name
declare -r branchd="$2" # git repo branch name
declare -r hashmap="$3" # git blob hash (6/~)


# if repository or branch is empty...
if [ '' == "${archive}" ] || [ '' == "${branchd}" ]; then

   [ '' == "${archive}" ] &&  echo -e "ERR: Archive must be defined."
   [ '' == "${branchd}" ] &&  echo -e "ERR: Branch must be defined."

       exit 1 # err fatal
fi

    # clone repository to rand directory
    git clone "git@${hostname}:web-archive/${archive}.git" "/var/www/html/${generate}"
    cd "/var/www/html/${generate}" && git checkout "${branchd}"

    position='HEAD' # pre-warm

    [ '' != "${hashmap}" ] &&
    {
        git reset "${hashmap}" --hard   # move to hash blob
        position="${hashmap}"           # override position
    }

    # encode for push
    json="{'s':'${archive}','b':'${branchd}','h':'${position}','d':'${generate}'}"

echo -e "\nSUCC: ${json}"

跟踪日志

#!/usr/bin/php
<?php

$dir=__DIR__; // curr

$site_name='www.foo.com';

$rev_hash='feb2da';

$cmd="$dir/co.sh " . escapeshellarg($site_name) . " 'render' " . escapeshellarg($rev_hash);

echo "running $cmd\n";
$ret = passthru($cmd,$return_status));

Answer 1

由于PHP不喜欢在/dev/urandom上运行，以下是可接受的妥协

openssl rand -base64 36 | tr -dc 'a-zA-Z0-9'

从PHP运行bash脚本停止

1 个答案: