• SELINUX设为Disable 影响java SSH工具包Jsch 0.1.49.jar的一个案例


    最近项目中遇到一个典型事件,当RHEL 的SELINUX设为DISABLE时

    使用JAVA的Jsch 库调用SSH命令时将随机返回空字符串,我使用的版本是0.1.49,最新版本0.1.51未测试。

    关于Jsch: http://www.jcraft.com/jsch/

    为此,我特意写了一个程序测试:

    package com.ibm.leo;
    
    import com.ibm.gts.cms.common.guestssh.api.GuestSshServiceFactory;
    import com.ibm.gts.cms.common.guestssh.api.IGuestSshProperties;
    import com.ibm.gts.cms.common.guestssh.api.IGuestSshService;
    import com.ibm.gts.cms.common.guestssh.api.IScriptResponse;
    
    public class GuestSSH {
        /**
         * This code snippet will validate that the guestssh service remove execute will return null randomly  if the selinux was disabled. 
         * */
    	public static void main(String[] args) {
    		try{
    		int sshRC=-1;
    		if(args.length<3){
    			System.out.println("Usage: java -jar testssh.jar <Host IP> <command> <count>");
    			System.exit(1);
    		}
    		
    		int count=Integer.parseInt(args[2]);
    		if(count==0) count=1;
    		
    		int nullCount=0;
    		System.out.println("start test...");
    		// Run the command via SSH
    			IGuestSshService sshService = GuestSshServiceFactory.GetService();
    			IGuestSshProperties props = sshService.makeGuestSshProperties();
    			props.setConnectTimeout(60000);  //  60 seconds to establish connection with the guest
    			props.setCommandTimeout(60 * 60 * 1000); // 1 hour to wait for command to complete (after connection)
    			//props.setScriptInputStream(null); // stdin may be null, which is OK and means no stdin data
    			for(int i=1;i<=count;i++){
    				IScriptResponse response = sshService.invoke("root", args[0], 22, null, args[1], null, props);
    				sshRC = response.getReturnCode();
    				String[] stdoutLines = response.getStandardOutputLines();
    				if(stdoutLines[0].trim().equals("")) nullCount++;
    				System.out.println("Exceute count:"+i+"  returnCode: "+sshRC +" return Lines:"+stdoutLines.length);
    				for (String line : stdoutLines) {
    					System.out.println("Command return: "+line);
    				}
    			}
    			System.out.println("End test, the total execute count is "+count+", and  first line null return count is: " + nullCount);
    		}catch(Exception e){
    			System.out.println(e.getMessage());
    		}
    	}
    
    }
    

     测试结果如下:

    D:	mp>java -jar testssh.jar 192.168.1.244 hostname 5
    start test...
    Exceute count:1  returnCode: 0 return Lines:1
    Command return: GMTDev
    Exceute count:2  returnCode: 0 return Lines:1
    Command return:
    Exceute count:3  returnCode: 0 return Lines:1
    Command return:
    Exceute count:4  returnCode: 0 return Lines:1
    Command return:
    Exceute count:5  returnCode: 0 return Lines:1
    Command return: GMTDev
    End test, the total execute count is 5, and  first line null return count is: 3
    

     从结果中可以看出,共取了5次主机名,只有两得到,3次虽然命令成功执行,但返回空值,这种情况只有当SELINUX=disabled时出现,而Enforcing和permissive返回值都正常。

    或许是guestssh的一个BUG? 记录一下备查。

  • 相关阅读:
    2020去奔跑
    2020前两个月学习心得
    2020年1_2月寒假学习心得
    寒假中期考核个人总结
    Numpy、Matplotlib和pandas学习路线引导
    Python学习路线引导-Python入门基础
    2019在路上
    2020/11/28助教一周小结(第九周)
    2020/11/3助教一周小结(第五周)
    2020/10/25助教一周小结(第四周)
  • 原文地址:https://www.cnblogs.com/biangbiang/p/4323554.html
Copyright © 2020-2023  润新知