- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- webmin / perl cgi scripts
Operating System - HP-UX
1754836
Members
4496
Online
108825
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2004 07:32 PM
05-18-2004 07:32 PM
Im trying to call an OS command from within a cgi ( PERL ) script and then output the result to the browser.
If i run via the commandline it works and i get the result, but it takes a while ( approx 30 secs ).
When i call the same command from within the script i never see the result. I can see the command being executed though, but i think a timeout is preventing the thing from showing me the result.
the command looks like follows
local $out = system("/opt/ssh/bin/ssh -t sshuser@hostname '/opt/sudo/bin/sudo /opt/omni/lbin/statd /dev/scsi/ESL9000'");
print $out;
The command gets a list of the drive contents.
SSH has been setup for keyed logins and works just fine.
The script "statd" does a call to uma and passes the command "stat d" via STDIN.
Like i said, if i take that command and run it manually i get the result i want.
Any Ideas on how to increase the timeout ?
If i run via the commandline it works and i get the result, but it takes a while ( approx 30 secs ).
When i call the same command from within the script i never see the result. I can see the command being executed though, but i think a timeout is preventing the thing from showing me the result.
the command looks like follows
local $out = system("/opt/ssh/bin/ssh -t sshuser@hostname '/opt/sudo/bin/sudo /opt/omni/lbin/statd /dev/scsi/ESL9000'");
print $out;
The command gets a list of the drive contents.
SSH has been setup for keyed logins and works just fine.
The script "statd" does a call to uma and passes the command "stat d" via STDIN.
Like i said, if i take that command and run it manually i get the result i want.
Any Ideas on how to increase the timeout ?
Solved! Go to Solution.
1 REPLY 1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2004 08:16 PM
05-18-2004 08:16 PM
Solution
Perl's system() call ideed will pass the command for execution to either the shell, or the OS (depending on context of its args).
But it won't dump the command's output.
Instead what you get is the exit value of the intrinsic wait() call (you can get the command's exit value by an 8 byte right shift).
What you need to dump the command's output in the HTML markup of your CGI script would be to open a pipe and read from this pipe.
This can be accomplished in many ways (following Perl's TIMTOWTDI; another method could be using backticks which set up the pipe implicitly for you, but gives less control and thus less security).
The easiest way to set up the pipe is an open() call with a trailing pipe character.
e.g.
my $cmdstr = '/opt/ssh/bin/ssh ...';
open MYPIPE, "$cmd |" or die "cannot pipe from ssh: $!";
while () {
# parse output here
}
close MYPIPE;
Be careful if the content of $cmd above is derirved from user input.
Then it is called to be "tainted", and can pose a security hazard because $cmd is parsed and executed through the shell.
To avoid this you could fork() and exec() and set up your pipe manually.
But there is a nice feature of the open() call that even relieves you from setting up the pipe while giving you the liberty of forking.
e.g.
my $pid = open MYPIPE, '-|';
die "cannot fork: $!" unless defined $pid;
if ($pid) { # parent's block
while () {
# parse output from child here
} else { # child's block
# do some untainting here, e.g. setting up %ENV
exec '/opt/ssh/bin/ssh', qw(other args to command);
die "oops, exec failed";
}
close MYPIPE; # parent will block until it closes the pipe
All this IPC stuff is much better explained in
"perldoc perlipc"
"perldoc perlopentut"
But it won't dump the command's output.
Instead what you get is the exit value of the intrinsic wait() call (you can get the command's exit value by an 8 byte right shift).
What you need to dump the command's output in the HTML markup of your CGI script would be to open a pipe and read from this pipe.
This can be accomplished in many ways (following Perl's TIMTOWTDI; another method could be using backticks which set up the pipe implicitly for you, but gives less control and thus less security).
The easiest way to set up the pipe is an open() call with a trailing pipe character.
e.g.
my $cmdstr = '/opt/ssh/bin/ssh ...';
open MYPIPE, "$cmd |" or die "cannot pipe from ssh: $!";
while (
# parse output here
}
close MYPIPE;
Be careful if the content of $cmd above is derirved from user input.
Then it is called to be "tainted", and can pose a security hazard because $cmd is parsed and executed through the shell.
To avoid this you could fork() and exec() and set up your pipe manually.
But there is a nice feature of the open() call that even relieves you from setting up the pipe while giving you the liberty of forking.
e.g.
my $pid = open MYPIPE, '-|';
die "cannot fork: $!" unless defined $pid;
if ($pid) { # parent's block
while (
# parse output from child here
} else { # child's block
# do some untainting here, e.g. setting up %ENV
exec '/opt/ssh/bin/ssh', qw(other args to command);
die "oops, exec failed";
}
close MYPIPE; # parent will block until it closes the pipe
All this IPC stuff is much better explained in
"perldoc perlipc"
"perldoc perlopentut"
Madness, thy name is system administration
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP