问题
I am want to use PHP to 'exec' a pgp encryption command. Regardless of the command line I get either a err 64 (parser error) or 162 (complete failure during an encode). So I have reduced the command line within the PHP program to this simple fingerprint display which stills errs out:
exec("/opt/pgp/bin/pgp --fingerprint", $results);
If I run "/opt/pgp/bin/pgp --fingerprint" on a command line I get "2 keys found" and the expected display. But the same exec under PHP gives me the parser error 64. I have tried "\n" to the string command and that does not make a difference. The user runs as 'nobody' in the browser which does have execute permission on pgp. (If pgp was not at least starting up I would not even see the 'parser error' from it.)
Is there something special I need to do in order to run pgp under PHP?
I have gone back to trying to actually encrypt a data file. Here is the 'status-file' output that pgp creates. It clearly shows an error on the last line of 'permission denied' on the file I am trying to encrypt 'test.txt'. That is bogus. I have granted all the world r/w to that file and it clearly accesses it becuase the status says it has encrypted the contents. So, really the question is what is permission being denied to?
Some other info: if I run PHP from the command line against this PHP script which calls pgp it works fine - the file gets encrypted. ALso, PERL runs the same commands (using SYSTEM()) when called from the browser. BUT, when the browser is used to call this PHP script it fails. Clearly, there is some permission problem running as 'nobody'.
/export/home/pgphome/.pgp/pubring.pkr:open keyrings (1006:public keyring) /export/home/pgphome/.pgp/secring.skr:open keyrings (1007:private keyring) 0x221DC947:encrypt (1030:key added to recipient list) /export/home/eckankar/dev/www/info/test.txt:encrypt (3048:data encrypted with cipher AES-128) /export/home/eckankar/dev/www/info/test.txt:encrypt (3124:permission denied)
As background here is the argument of the PHP exec() command: /opt/pgp/bin/pgp --encrypt /export/home/eckankar/dev/inc/test.txt --output /export/home/eckankar/dev/www/info/test.xxx -r membership --overwrite remove --home-dir /export/home/pgphome/.pgp -v --status-file /export/home/eckankar/dev/inc/test.txt.err
ALl the folder/directories in this command have granted 'rwx' to the world.
Here is what the status output file looks like when the encrypt succeeds as it does if run from a command line (/opt/csw/php5/bin/php test.php) rather than through the browser:
pgp:encrypt (3157:current local time 2009-06-30T11:51:17-05:00) /export/home/pgphome/.pgp/pubring.pkr:open keyrings (1006:public keyring) /export/home/pgphome/.pgp/secring.skr:open keyrings (1007:private keyring) 0x221DC947:encrypt (1030:key added to recipient list) /export/home/eckankar/dev/inc/test.txt:encrypt (3048:data encrypted with cipher AES-128) /export/home/eckankar/dev/inc/test.txt:encrypt (0:output file /export/home/eckankar/dev/inc/test.txt.pgp)
回答1:
Answer is: need to specify a --temp-dir in the command line.
回答2:
What execution context is this PHP script running in? Interactive command line, cron job, Web server (I do hope not)?
Depending on the answer to that, I might start looking at environment variables that PGP depends on which aren't set when it runs from this script.
回答3:
I know this is old, but I just got bit by it. (pgp 8.5)
As Jim Thomas said, this is a directory permission issue. But at least pgp 8.5 doesn't allow you to set tmpdir in any way I can see.
My solution (pseudocode):
save cwd
chdir(/tmp/)
system()/exec() pgp command
chdir(saved_cwd)
Odd that pgp forces the tmp dir to be created in cwd, but I saw no flag to affect location.
来源:https://stackoverflow.com/questions/1059723/php-exec-pgp-command