[horde] VFS ssh2 _listFolder() buglet?

Lawrence Stewart lstewart at room52.net
Mon Jan 17 10:36:50 UTC 2011

On 01/17/11 19:47, Jan Schneider wrote:
> Zitat von Lawrence Stewart <lstewart at room52.net>:
>> On 01/07/11 20:21, Jan Schneider wrote:
>>> Zitat von Lawrence Stewart <lstewart at room52.net>:
>>>> Does the above seem reasonable or have I misunderstood something? I'll
>>>> file a bug report with the patch if people think my analysis is
>>>> correct.
>>> Nice catch! I didn't try to reproduce this, but please create a ticket
>>> for that.
>> Stop the press...
>> So whilst my analysis is correct and my patch helps, there are some more
>> fundamental problems with the ssh2 VFS module and possibly more so with
>> the ssh2 PECL module.
>> I'm trying to figure out the appropriate way to address these issues.
>> Any thoughts/input would be very welcome.
>> I run my server with most user accounts set to use the scponly shell.
>> This ensures the users who don't need full shell access but may want to
>> upload/download files from the server can. The ssh2 VFS module issues
>> commands in a way that assumes it is communicating with a proper shell
>> e.g. "cd /blah ; pwd" in lib/VFS/ssh2.php _setPath(). These do not work
>> with the scponly shell or sftp.
>> I've spent a bit of time studying the code in ssh2.php and can't see an
>> easy fix for the problem. It seems that instead of issuing raw shell
>> commands, what we should move towards is issuing sftp commands over the
>> sftp resource that gets created during connect(). That would allow all
>> the current functionality to work both with regular shells and scponly
>> which is my goal.
>> I didn't run into the problem when debugging the original issue that
>> started this thread because my user account obviously has full shell
>> access. Switching to the VFS ssh backend has broken Gollem for all
>> scponly accounts, which is the majority of other users on this server.
>> Based on my current understanding, code in both ssh2.php and the ssh2
>> PECL module will need to be changed in order to get all this working.
>> The PECL module will need to add functions for things like cd, pwd and
>> chmod. Horde's ssh2 VFS code will need to switch from issuing shell
>> commands to using the sftp based PECL functions.
>> Does anyone see an easier solution or reason not to go down the path
>> outlined above?
> There are obviously backward compatibility issues with this approach,
> though it might be long-term solution. A different (sftp/scp) VFS driver
> might be solution for that.

Given that the current code makes an implicit assumption about the
availability of sftp, my suspicion is that I should be able to achieve
what I'm after in a backwards compatible way from Horde's perspective at
least. It also seems that a different driver might therefore be
unnecessary. I'll have a play around and get back to the list when I
have a patch to discuss.


More information about the horde mailing list