[horde] VFS ssh2 _listFolder() buglet?

Lawrence Stewart lstewart at room52.net
Mon Jan 17 04:56:55 UTC 2011 

On 01/07/11 20:21, Jan Schneider wrote:
> Zitat von Lawrence Stewart <lstewart at room52.net>:
> 
>> Does the above seem reasonable or have I misunderstood something? I'll
>> file a bug report with the patch if people think my analysis is correct.
> 
> Nice catch! I didn't try to reproduce this, but please create a ticket
> for that.

Stop the press...

So whilst my analysis is correct and my patch helps, there are some more
fundamental problems with the ssh2 VFS module and possibly more so with
the ssh2 PECL module.

I'm trying to figure out the appropriate way to address these issues.
Any thoughts/input would be very welcome.

I run my server with most user accounts set to use the scponly shell.
This ensures the users who don't need full shell access but may want to
upload/download files from the server can. The ssh2 VFS module issues
commands in a way that assumes it is communicating with a proper shell
e.g. "cd /blah ; pwd" in lib/VFS/ssh2.php _setPath(). These do not work
with the scponly shell or sftp.

I've spent a bit of time studying the code in ssh2.php and can't see an
easy fix for the problem. It seems that instead of issuing raw shell
commands, what we should move towards is issuing sftp commands over the
sftp resource that gets created during connect(). That would allow all
the current functionality to work both with regular shells and scponly
which is my goal.

I didn't run into the problem when debugging the original issue that
started this thread because my user account obviously has full shell
access. Switching to the VFS ssh backend has broken Gollem for all
scponly accounts, which is the majority of other users on this server.

Based on my current understanding, code in both ssh2.php and the ssh2
PECL module will need to be changed in order to get all this working.
The PECL module will need to add functions for things like cd, pwd and
chmod. Horde's ssh2 VFS code will need to switch from issuing shell
commands to using the sftp based PECL functions.

Does anyone see an easier solution or reason not to go down the path
outlined above?

Cheers,
Lawrence

More information about the horde mailing list