Richard,
Thanks for the reply.
'top' shows that the script is being run as nobody.
the '2<' stuff allow the password to be passed as a file descriptor and I
think it is this that is breaking.
I have setup a nobody directory just for this. I then set the HOME variable
to point to this directory.
If on command line, I su to nobody, setup the enviroment variable HOME,
GNUPGHOME etc then run the php script command line it runs perfectly.
The problem seems to be that when running from apache, it can't handle the 2<
bit.
If I set up a test key with no password, then I can run the script perfectly
(ie I don't need to pass the password-fd bit.)
If I use exec, I get the same results.
I'll add the implode bits and try that.
Regards,
Jon
On Saturday 31 Aug 2002 01:06 am, Richard Lynch wrote:
> >Hi,
> >Appologies if this comes through twice. I tried to post it via goolg
> > groups but it didn't seem to work.
> >
> >
> >If I run the following script from within apache, then the script
> >fails and returns $error=2
> ><?php
> >$data="this is a test";
> >$GNUPGHOME="/home/nobody/.gnupg";
> >putenv("GNUPGHOME=$GNUPGHOME");
> >$HOME="/home/nobody/";
> >putenv("HOME=$HOME");
> >system ("echo '$data' |/usr/bin/gpg -vv --clearsign -u testing -o
> >/home/httpd/html/nic/output --passphrase-fd 2
> >2</home/httpd/html/nic/test",$error);
> >print $error;
> >?>
> >.
> >I've seen quite a lot on the web about this suggesting that it's a
> >permissions problem.
> >However, If I add #!/usr/bin/php to the top of the script and make it
> >executable, then su to 'nobody' (which appache runs as) then the
> >script runs perfectly from the command line - so I think that the
> >permissions are all OK.
> >Any ideas where I'm going wrong?
>
> Does <?php phpinfo();?> really and truly say that PHP is running as
> 'nobody'?
>
> Is there really a "nobody" directory? I think part of the point of using
> "nobody" is that they shouldn't even *have* a directory in the first
> place...
>
> If the .gnupg files/directories all involved are owned by 'nobody' anyway,
> make them world readable and writable. It's not all that different at that
> point anyway, since anybody would write a PHP script running as 'nobody' to
> read/write them.
>
> Is /home/httpd/html/nic/output really world-writable?... Scary.
>
> I don't claim to understand that 2< ...test crap, but I'm guessing you're
> trying to re-direct errors somewhere? Try taking that out for now, use
> exec() instead of system() and see what output you actually get:
>
> exec($command, $result, $error);
> echo implode("", $result);
>
> You may be a lead from that on where things are breaking.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
