¿Manera segura de habilitar llamadas SVN usando PHP?

¿Existe alguna manera de modificar los permissions en RHEL / Apache / PHP para habilitar, de forma segura, las llamadas a SVN utilizando commands de shell, es decir. shell_exec (), shell () o system ()?

Por el momento, obtengo un permiso denegado cuando bash commands de shell.

No está obligado a usar las llamadas a exec() y fabricar sus propios commands svn add ... ya que PECL tiene una extensión PHP estable para esto – Subversion . El package está aquí .

De esta manera, tendrá un acceso fácil a todas las funcionalidades necesarias de SVN dentro de su código.

La única forma en que pude lograr esto fue usar la biblioteca SSH2 y conectar localy bajo una count específica. De lo contrario, nunca pude configurarlos correctamente.


No es una buena biblioteca, tuve 1 día para probar y search documentation, así que definitivamente no es la mejor, pero al less funciona …

Biblioteca actualmente en uso:

 <?php /** * * Runs several SSH2 commands on the devl server as root * */ function ssh2Run(array $commands, $catchoutput = true, $server = 'localhost', $user = 'root', $logfile = NULL){ //Open a log file for web output if($logfile == NULL){ $logfile = logCreate(); } //Connect to ssh2 $connection = ssh2_connect($server); $hostkey = ssh2_fingerprint($connection); logWrite($logfile, 'Connected to '.$server.', hostkey = '.$hostkey); ssh2_auth_pubkey_file($connection, $user, '/home/myuser/.ssh/id_rsa.pub', '/home/myuser/.ssh/id_rsa'); //Execute the various commands and read the output to the log file foreach($commands as $command){ // Run a command that will probably write to stderr (unless you have a folder named /hom) logWrite($logfile, 'Sending command: '.$user.'@'.$server.': '.$command); logWrite($logfile, '----------------------------------------------------------------------------------'); $outputStream = ssh2_exec($connection, $command, true); if(is_resource($outputStream)){ stream_set_blocking($outputStream, true); } //Catch if($catchoutput){ if(is_resource($errorStream)){ $errorStream = ssh2_fetch_stream($outputStream, SSH2_STREAM_STDERR); } // Enable blocking for both streams if(is_resource($errorStream)){ stream_set_blocking($errorStream, true); } // Whichever of the two below commands is listed first will receive its appropriate output. The second command receives nothing logWrite($logfile, 'Output of command:'); //Loop the stream until it is complete while((is_resource($outputStream) && !feof($outputStream)) || (is_resource($errorStream) && !feof($errorStream))){ //Content read out if(is_resource($outputStream) && !feof($outputStream)){ $outputContent = trim(fgets($outputStream)); }else{ $outputContent = ''; } if(is_resource($errorStream) && !feof($errorStream)){ $errorContent = trim(fgets($errorStream)); }else{ $errorContent = ''; } //Add the information to the log if($outputContent == '' && $errorContent == ''){ continue; } if($outputContent !== ''){ logWrite($logfile, 'OUT: '.$outputContent); } if($errorContent !== ''){ logWrite($logfile, 'ERROR: '.$errorContent); } } // Close the streams if(is_resource($errorStream)){ fclose($errorStream); } if(is_resource($outputStream)){ fclose($outputStream); } } } //Return the log return $logfile; } /** * * List files in a SFTP enabled directory * */ function sftpList($server, $user, $path){ //Connect to ssh2 $connection = ssh2_connect($server); $hostkey = ssh2_fingerprint($connection); ssh2_auth_pubkey_file($connection, $user, '/home/myuser/.ssh/id_rsa.pub', '/home/myuser/.ssh/id_rsa'); //Create our SFTP resource if(!$sftp = ssh2_sftp($connection)){ throw new Exception('Unable to create SFTP connection.'); } /** * Now that we have our SFTP resource, we can open a directory resource * to get us a list of files. Here we will use the $sftp resource in * our address string as I previously mentioned since our ssh2:// * protocol allows it. */ $results = array(); $dirHandle = opendir('ssh2.sftp://'.$sftp.$path); while (false !== ($result = readdir($dirHandle))) { if ($result != '.' && $result != '..') { $results[] = $result; } } closedir($dirHandle); //Return the log return $results; }