I am writing a PHP program that runs many shell commands. Sometimes he needs to be called su, and by design I want him to request an elevated privilege password. Use passthru()in PHP is great for this.
I decided to write functional tests only for my program, since it depends on ssh, suand other shell commands. So I want to run the real thing inside PHPUnit to see if it works the way I expect.
Since this requires SSH server and user account settings, I configured the tests to run in Docker. This approach looks like it will be fine - the image is created when it starts, it calls PHPUnit, and then exits. I expect that I can return the result via Docker to a calling system such as Travis CI.
I chose Alpine Linux as my base Docker image, but I'm having problems with terminal distribution. Initially, I thought that PHPUnit was interfering (see the original version of this question), but now I narrowed it down to SSH, or started PHP, or even on the console.
This works great:
su -c whoami
However, it is not:
ssh localhost -t 'su -c whoami'
I get:
su: suid should work correctly
Connection to the local host is closed.
, ssh localhost ( ), , , su one.
ssh , -f , ( " ssh " ), :
ssh localhost -t -f 'su -c whoami'
:
, stdin .
4275760bde94: ~ $su: suid
, ! , , :
ssh localhost -tt -f 'su -c whoami'
-t SUID .
, Ubuntu dev ( PPK ), :
$ ssh localhost -t 'su -c whoami'
Password:
root
Connection to localhost closed.
Alpine BusyBox OpenSSH. ?
, Ubuntu, , , Docker- ( 68M). , , Alpine.
Docker
, Docker , , docker exec -it container_name sh. , ssh, su Docker .
Bash
, Bash Alpine, , :
/ $ apk add bash
bash-4.3$ bash
bash-4.3$ su nonpriv
bash-4.3$ ssh localhost whoami
nonpriv
bash-4.3$ ssh localhost 'su -c whoami'
su: must be suid to work properly
bash-4.3$ ssh localhost 'su -s /bin/bash -c whoami'
su: must be suid to work properly
bash-4.3$ ssh -t localhost 'su -s /bin/bash -c whoami'
su: must be suid to work properly
Connection to localhost closed.
bash-4.3$ ssh -tt localhost 'su -s /bin/bash -c whoami'
su: must be suid to work properly
Connection to localhost closed.
bash-4.3$ ssh -tf localhost 'su -s /bin/bash -c whoami'
Pseudo-terminal will not be allocated because stdin is not a terminal.
bash-4.3$ su: must be suid to work properly
bash-4.3$ ssh -ttf localhost 'su -s /bin/bash -c whoami'
bash-4.3$ su: must be suid to work properly
Connection to localhost closed.
, :
/ $ ssh -t localhost "$( su -c whoami )"
sh: Password:: not found
sh: root: not found
Connection to localhost closed.
Alpine sh "$()", , . Password:, su, . , whoami, root.
, , , , whoami, ssh ( , ), localhost, ( , ).
, stdout, . SSH?