I can easily connect to a remote MySQL server using the DBI module in my Perl scripts. However, when I try to use the same connection settings/properties from within a CGI script, the connection fails.
There are no helpful errors/warnings being logged either in the apache error log, or the browser, in spite of using
use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
Strangely, the exact same script works fine when executed from the terminal. I also tried connecting the CGI script to the MySQL server on localhost, but without any success.
On the other hand, phpMyAdmin works great on the machine.
I'm using CentOS Release 5.8. I'm suspecting it is a system/priveleges issue with the apache user or anywhere else on the OS, but have hit a dead end.
Any pointers would be much appreciated!
Thanks a lot.
Edit: I'm using the following connection string
$dbh = DBI->connect($ds, $uname, $pwd,{RaiseError => 1 }) or die "$DBI::errstr Could not connect: $!<br>";
Fixed it. In case anyone not too familiar with Linux administration faces similar issue, here's what had happened. The security system 'selinux' on my CentOS machine was prohibiting the httpd to establish network connection to the remote MySQL server. It had to be explicitly enabled with the following command
setsebool -P httpd_can_network_connect=1
One can read more about selinux over here:
http://wiki.centos.org/HowTos/SELinux
Check what users you have set up in MySQL. If you're trying to connect across a network connection, you could have a problem with the host association for the user.
Try:
select host,user from mysql.user
Related
I am kind of a stuck in a situation where I want to use python script to connect to a VPN and then connect to the Mongo Client. Our company has given me a ovpn file which I connect to using OPENVPN connect client. After the VPN connection is made, I then connect to the mongo client/server with the pymongo module in python and everything works fine and i can run all the relevant scripts on the DB.
I want to ask if it is possible to NOT use the OPENVPN connect client(because this actually connects my whole internet to the VPN and that what i dont want) and somehow use the OVPN file in python script and connect to the mongo server. I heard the that we can use the subprocess module to connect using a OVPN file but dont know how.
I am on a windows computer if this information helps. I how i got the message across. Any help will be appreciated.
here is the script i wrote but it gave me a server timeout error.
import subprocess
import pymongo
subprocess.run(["openvpn", "--config", "test-vpn.ovpn" ], shell = True)
client = pymongo.MongoClient('CONNECTIONSTRING')
client.list_database_names()
I explain my problem:
I used backuppc for remote some database on an other server and for saving my data I used rsync which uses ssh. On my remote server I put the ssh key of backuppc and it worked.
But I wanted to secure this connexion, so I used rrsync (a perl script for restrict the access), for a "read-only" access with copy.
So now, in the remote server I have in root/ssh/authorized_keys
command="/usr/local/bin/rrsync -ro /" ssh-rsa
But when I try to connect I have this message:
/usr/local/bin/rrsync: Not invoked via sshd
It's a message from the perl script, but I don't know what it means or what can I do for this to work.
As far as I can tell, this message appears when you try to access the server with the restricted key without using rsync. It may be possible to edit the script to allow other programs, but I'm not skilled enough to attempt that.
I have a Linux machine where I have created a cgi script (JarPatch.cgi), the code of which looks like this:
#!/usr/bin/perl
use warnings;
print "Content-type: text/html\n\n";
system ("sh JarPatch.sh");
The code of JarPatch.sh looks like this:
#!/bin/bash
echo "Inside jar patching tool";
PJS_DEV=app4915#slcai833.us.oracle.com;
ssh -f $PJS_DEV "cd /slot/ems4915/appmgr/tmp; echo stopping server ; ./find_stop_servers.sh;"
echo "Exit jar patching tool";
This script will basically shut down a server running on the remote machine
Problem statement is this:
When I execute this cgi script through Linux terminal. I can see that the ssh commands are getting executed. Server is shut down.
When I access the cgi script through a windows machine in a browser, the shell script is invoked but ssh seems not to be working.
Can any one give me a pointer to resolve this issue please?
I am new to perl/shell integration. So might be missing something small as well.
Thanks
When you ssh from windows machine all connections are made as webuser which is not authorized to ssh into remote machine. On other hand when you ssh from linux terminal you are able to ssh as user there is authorized to do so. This is because linux user has its ssh key on remote server.
You can also try to look into ProxyCommand which might come to rescue but i have no idea how it will work with windows.
Other approach is to create ssh keys for webuser and put them into remomte server which will be security risk.
When you run it as yourself ssh is offering your keys to authenticate you. When you run it through the webserver, the webserver user is trying to run the ssh command, and does not have your ssh keys to offer, so is probably being prompted for a password, and not successfully logging in.
You could fix this by generating ssh keys for the webserver user and sharing that key with the target system as well, which has some security implications to say the least.
Encounter a question here whereby need help from you guys
I am writing a perl script that will be executed in a UNIX machine. In that script, I will perform an operation of 'ssh' to port over to other Unix domain (from A ssh to B). The problem now is after I port over to domain B, I still need to perform some operations from the perl script (for example: echo Hello World!). The issue here is after port over to the new unix domain, the following script after 'ssh' could not be performed as the script still over the "old domain". Is that anyway to solve this issue or any better way to achieve the same objective?
You can use the Expect module to open an SSH connection and execute commands over it via Perl.
If you need help beyond that, you'll have to explain more specifically what you are trying to do. It is possible that you have the wrong design for solving your task.
Try doing it like this:
ssh <servername> "echo 'hello world'";
Also check ssh with -t option.For checking if this echo command is running on the server or the localhost, try some other command like ls".
Note: : ssh connection will get closed when script will terminate.
I have a perl script that should execute on the log files in the remote server from my local desktop. Could some one suggest me best approach.
I used Net::SFTP but there is a problem with installing SFTP package from CPAN. Is there any good package available in Perl to do this functionality?
Can you tell me whether the following steps are fine?
Open SFTP connection with remote server
execute the perl at remote location from the established connection..
Any sample code for this?
If you mean that the Perl script is on the remote unix server and you want to invoke the Perl script from your local machine, then you can ssh into the remote unix server and then once you are connected, call your perl script using perl yourscript.pl.
If you mean that the Perl script is on your local machine and you are dealing with log files on the remote server, then it would be more efficient to have the Perl script located on the remote server that stores the logs, and invoke it in the way described in the above paragraph.
I'm not clear exactly what you are trying to achieve but if you just want to execute a Perl script on a remote server you may want to look at software specifically built for remote server management.
Tak is one such piece of software but it's quite new and a bit lacking in documentation.
Rex is a more mature, it would seem, piece of software for remote server management.
Both of these should allow you to run commands locally that perform actions remotely on your servers. I wouldn't have thought you'd need to do anything with SFTP and would think you could do it all with those or hand-rolling something with commands over SSH.
Instead of Net::SFTP, try using Net::SFTP::Foreign or, if you want to run commands on the remote host via SSH, Net::SSH2 or Net::OpenSSH .