今天早上我遇到了一个问题,就是用capistrano部署了一个应用程序。
# git push
# cap deploy:setup
发生了一些奇怪的事情,而且我再也无法向我的主人致敬了。
技术人员说(意大利语):“你运行的命令覆盖了shell二进制文件,导致系统无法使用”。两种选择:我是愚蠢的,或者他们错了。 这是 cap上的shell输出:deploy ,然后是ssh上的错误。一旦系统(VPS)重新启动,我就无法再ssh了。
有什么想法吗?
mattia@desktop:/var/www/rails/my_application$ git push
Counting objects: 239, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (191/191), done.
Writing objects: 100% (202/202), 379.77 KiB, done.
Total 202 (delta 44), reused 0 (delta 0)
To ssh://mattia@my_application.it/~/git/my_application.git
96c1f19..3cc9e1c master -> master
mattia@desktop:/var/www/rails/my_application$ cap deploy:setup
* executing `deploy:setup'
* executing "mkdir -p /var/www/rails/my_application /var/www/rails/my_application/releases /var/www/rails/my_application/shared /var/www/rails/my_application/shared/system /var/www/rails/my_application/shared/log /var/www/rails/my_application/shared/pids && chmod g+w /var/www/rails/my_application /var/www/rails/my_application/releases /var/www/rails/my_application/shared /var/www/rails/my_application/shared/system /var/www/rails/my_application/shared/log /var/www/rails/my_application/shared/pids"
servers: ["beta.my_application.it"]
[beta.my_application.it] executing command
** [out :: beta.my_application.it]
** [out :: beta.my_application.it] malloc: ../bash/parse.y:2823: assertion botched
** [out :: beta.my_application.it] nunits < 30
** [out :: beta.my_application.it] Aborting...
command finished
failed: "env PATH=/usr/local/bin:/usr/bin:/bin GEM_PATH=/var/lib/gems/1.9.1 sh -c 'mkdir -p /var/www/rails/my_application /var/www/rails/my_application/releases /var/www/rails/my_application/shared /var/www/rails/my_application/shared/system /var/www/rails/my_application/shared/log /var/www/rails/my_application/shared/pids && chmod g+w /var/www/rails/my_application /var/www/rails/my_application/releases /var/www/rails/my_application/shared /var/www/rails/my_application/shared/system /var/www/rails/my_application/shared/log /var/www/rails/my_application/shared/pids'" on beta.my_application.it
mattia@desktop:/var/www/rails/my_application$ ssh beta.my_application.it
Linux my_application 2.6.18-194.26.1.el5.028stab079.2ent #1 SMP Fri Dec 17 19:44:51 MSK 2010 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Mon Feb 7 12:00:53 2011 from dynamic-adsl-xx-xx-xx-xx.------.------.it
malloc: ../bash/subst.c:4494: assertion botched
realloc: called with unallocated block argument
Aborting...Connection to beta.my_application.it closed.
答案 0 :(得分:2)
简短的答案是否定的,除非你有其他非标准的插件,或者有人给你一个乱糟糟的宝石。 (几乎没有人愿意验证gem签名。)标准部署:setup只创建了几个符号链接和目录。
它确实以root运行,理论上如果您要将变量设置为值(未经测试),例如set :deploy_to, '/bin/bash',则可能会损坏二进制文件,但除非你这样做,否则我认为这不是问题。
您可以在命令模式下使用SSH来调试它,而不依赖于shell:
# ssh myuser@myserver -c 'history'
将转储该用户的历史文件(bash),以便您可以测试服务器上是否有任何篡改,您也可以将其作为root检查,和/或运行who等命令,last以及其他提供回溯日志的单行(您也可以cat /var/log/messages查找可疑活动。
我要说Capistrano对此负责的机会是0(来源:我是维护者。) - 但是你可以使用SHS命令模式让你的系统回到工作状态,正如我所提到的上面(例如ssh myuser@myserver -c 'aptitude install bash --force')
明智的一句话,如果你从未弄清楚这是怎么发生的,请擦除服务器并更改你的密码......只需使用它作为一种方法来恢复和运行。这不是一个非常微妙的策略,但是如果你被黑客入侵,那么黑客可以通过让一个使用替代shell的用户并腐蚀你的用户来轻易地将你抛弃。
如果管理员可以给你/bin/bash - 文件的内容,那么你的管理员也会提供巨大的帮助,这样你就可以看到它是文本,垃圾,损坏的二进制文件,还是部署的东西。