[wp-trac] [WordPress Trac] #32345: ssh2/sftp doesn't work in chrooted environments, FTP_BASE, FTP_CONTENT_DIR, FTP_PLUGIN_DIR not available (was: FTP_BASE, FTP_CONTENT_DIR, FTP_PLUGIN_DIR are not considered when using built in ssh2/sftp)

WordPress Trac noreply at wordpress.org
Fri Jun 12 06:30:49 UTC 2015 

#32345: ssh2/sftp doesn't work in chrooted environments, FTP_BASE, FTP_CONTENT_DIR,
FTP_PLUGIN_DIR not available
----------------------------+-----------------------------
 Reporter:  aberbenni       |       Owner:
     Type:  defect (bug)    |      Status:  new
 Priority:  normal          |   Milestone:  4.3
Component:  Filesystem API  |     Version:  2.7
 Severity:  normal          |  Resolution:
 Keywords:                  |     Focuses:  administration
----------------------------+-----------------------------
Changes (by dd32):

 * keywords:  reporter-feedback =>
 * version:  4.2.2 => 2.7
 * milestone:  Awaiting Review => 4.3


Old description:

> FTP_BASE, FTP_CONTENT_DIR, FTP_PLUGIN_DIR are not considered when using
> built in ssh2/sftp. They are necessary in chrooted environments.
>
> A simple solution could be to modify
> {{{
> find_folder( $folder )
> }}}
> function from
> {{{
> if ( stripos($this->method, 'ftp') !== false ) {
> }}}
> to
> {{{
> if ( stripos($this->method, 'ftp') !== false || stripos($this->method,
> 'ssh2') !== false ) {
> }}}

New description:

 The SSH2 extension doesn't work with chrooted environments.
 Previously:

 ----

 FTP_BASE, FTP_CONTENT_DIR, FTP_PLUGIN_DIR are not considered when using
 built in ssh2/sftp. They are necessary in chrooted environments.

 A simple solution could be to modify
 {{{
 find_folder( $folder )
 }}}
 function from
 {{{
 if ( stripos($this->method, 'ftp') !== false ) {
 }}}
 to
 {{{
 if ( stripos($this->method, 'ftp') !== false || stripos($this->method,
 'ssh2') !== false ) {
 }}}

--

Comment:

 Turns out that the SSH2 transport definately does not work on chroot'd SSH
 configurations at present.

 This is because it relies on the ability to run shell commands (`This
 service allows sftp connections only.`). The following methods require
 shell access at present:
  * pwd() - Needed to locate directory
  * chdir() - Not used by the SSH transport (but used by FTP systems)
  * chgrp() - Not used
  * chmod() - Used, but it's okay if it fails, especially on a SSH
 connection (It's far more expected the files will be created with the
 correct permissions IMHO)
  * chown() - Not used

 Based on that, it looks like we can fix `pwd()` to use
 `ssh2_sftp_realpath( $this->sftp_link, '.' );` instead of `shell_exec(
 'pwd' )`, which should fix SSH2 w/ chrooted environments.
 This should avoid the need to make the `FTP_*` constants work for SSH2.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/32345#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list