当我从浏览器运行 perl CGI 脚本时,它在 apache 错误日志中给出以下错误。它没有得到服务器的响应。当我从命令提示符运行我的脚本时,它工作正常。
我在我的 perl CGI 脚本中使用下面的代码
my %opts = (
user => "uname",
password => "password",
ctl_dir => "/tmp/.libnet-openssh-perl",
strict_mode => 0,
);
my $ssh = Net::OpenSSH->new("192.168.0.201",%opts,master_opts => ['-vvv', -o => "StrictHostKeyChecking=no" ] );
$ssh->system("ls /home/sysadmin/") or
die "remote command failed: " . $ssh->error;
错误日志:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug3: preferred keyboard-interactive,password\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug3: authmethod_lookup password\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug3: remaining preferred: ,password\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug3: authmethod_is_enabled password\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug1: Next authentication method: password\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug3: packet_send2: adding 48 (len 62 padlen 18 extra_pad 64)\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug2: we sent a password packet, wait for reply\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug1: Authentication succeeded (password).\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] Authenticated to 192.168.0.201 ([192.168.0.201]:22).\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug1: setting up multiplex master socket\r, referer:
**[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] debug3: muxserver_listen: temporary control path /tmp/.libnet-openssh-perl/sysadmin-192.168.0.2-28537-877268.LF0y9f2rHmaMBPaq\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] muxserver_listen bind(): Permission denied\r, referer:
[Tue Jul 01 13:05:52 2014] [error] [client 192.168.0.136] remote command failed: unable to establish master SSH connection: bad password or master process exited unexpectedly at /var/cgi-bin1/GnipReplay.cgi line 43., referer:
如果您在 RHEL 或 CentOS 上运行 SELinux 可能会阻止脚本启动网络连接。
确认您正在使用 SELinux 在强制模式下运行
getenforce
.测试问题是否消失,暂时将 SELinux 设置为许可模式:
setenforce 0
如果您现在重试并且您的脚本有效,那么您已经找到了罪魁祸首。
恢复 SELinux
setenforce 1
并尝试设置 SELinux 布尔值是否可以解决您的问题。在 RHEL/CentOS 6setsebool -P httpd_can_network_connect=1
上可能是其中之一。