使用Aapche commons CommandLine库,我试图在SLES OS的tomcat中运行的web应用程序中执行openssl命令。下面是代码片段-
CommandLine cmd = new CommandLine("/usr/bin/openssl")
.addArgument("genrsa")
.addArgument("-out")
.addArgument("/root/testcert_tomcat.key")
.addArgument("4096");
logger.info("Command - "+ cmd.toString());
DefaultExecutor executor = new DefaultExecutor();
executor.setProcessDestroyer(new ShutdownHookProcessDestroyer());
executor.setStreamHandler(new PumpStreamHandler(null, null, null));
executor.setWatchdog(new ExecuteWatchdog(60000));
executor.setExitValue(0);
try {
int exitValue = executor.execute(cmd);
if(exitValue != 0 ){
logger.info("Exit value - "+ exitValue);
}
} catch (IOException ex) {
logger.info("Exception - "+ ex.getMessage());
return false;
}
command - openssl genrsa out test。关键4096
当从tomcat web应用程序外的普通Java代码或直接从shell命令行运行时,相同的命令可以正常工作。如果有人有任何想法,请提出可能的问题。
异常捕获- org.apache.commons.exec.ExecuteException: Process exited with an error: 1 (Exit value: 1)
不太确定,但我试着检查tomcat用户,它是作为root运行的-
libv222:/usr/share/tomcat/webapps # ps auxwww | grep -v grep | grep tomcat
tomcat 13700 27.7 12.3 3610620 498412 ? Ssl 20:20 0:46 /usr/bin/java -Xdebug -Xrunjdwp:server=y,transport=dt_socket,address=5000,suspend=n -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp -Djava.security.auth.login.config=/usr/share/tomcat/conf/jaas.config -Djava.library.path=/lib/emc/powerpath/remote_tools/latest/ -XX:MaxPermSize=128M -Xms512m -Xmx1536m -classpath /usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar -Dcatalina.base=/usr/share/tomcat -Dcatalina.home=/usr/share/tomcat -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/cache/tomcat/temp -Djava.util.logging.config.file=/usr/share/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager org.apache.catalina.startup.Bootstrap start
root 16591 0.0 0.0 4244 728 pts/0 S+ 17:34 0:00 tail -f /var/log/tomcat/catalina.out
下面的代码为我工作,我不得不从Apache公地切换到创建一个进程,使其工作。看来我们需要在一个新的进程中执行这个命令才能成功执行。
人们在评论中建议,目录应该有读写权限,无论需要什么,这绝对是命令执行所必需的。
private static boolean executeOpenSslCmdProcess(String host) {
StringBuffer command = new StringBuffer();
command.append("openssl x509 -req -in /tmp/ppserver.csr -out /tmp/ppserver.crt -sha256 -CA /tmp/powerpath-CA.crt -CAkey /tmp/powerpath-CA.key -CAcreateserial -days 821");
String[] cmd = {
"/bin/sh",
"-c",
command.toString()
};
try {
Process process = Runtime.getRuntime().exec(cmd);
InputStream inputStream = process.getInputStream();
BufferedReader br = new BufferedReader(new InputStreamReader(inputStream, CHAR_SET));
result = br.lines().collect(Collectors.joining(System.lineSeparator()));
exitCode = process.waitFor();
logger.info("ExitCode : {} ", exitCode);
if (exitCode != 0) {
return false;
}
} catch (IOException ex) {
logger.info("IOException - " + ex);
return false;
} catch (InterruptedException ex) {
logger.info("InterruptedException - " + ex);
}
}
感谢评论中的建议!