从 crontab 调用时,Curl 上传失败 "NSS error -5938"

Curl fails upload with "NSS error -5938" when called from crontab

我有一个 shell 脚本:

  1. 从数据库下载文件
  2. 在本地将它们保存为 CSV 文件
  3. 通过FTP(使用curl)将文件传输到另一台服务器。

手动运行时,脚本运行s文件,但当通过crontab启动时,第三步失败。 CURL 的输出在 STOR 命令之后显示 NSS error -5938 (PR_END_OF_FILE_ERROR)(手动 运行ning 时不会发生)。

有什么想法吗?以下是我 code/logs 的一些摘录:

定时任务表:

    0 20 * * * cd /home/username/automation/process && ./process.sh > /home/username/automation/process/lastrun.log 2>&1

CURL 命令是 运行 来自另一个 shell 脚本 ./totarget.sh:

#!/bin/bash
curl -T  -ssl ftps://ftp.domain.com/ --user username:password --cacert /home/username/automation/process/output/team-ftp.pem -v

CURL 的输出(paths/users/hosts 已替换):

Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /home/username/automation/process/output/team-ftp.pem
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
*       subject: E=Team@domain.com,OU=Team Name,O=Company Name,L=City,ST=NY,C=US,CN=team.domain.com
*       start date: Aug 07 21:42:43 2019 GMT
*       expire date: Aug 06 21:42:43 2020 GMT
*       common name: team.domain.com
*       issuer: E=Team@domain.com,OU=Team Name,O=Company Name,L=City,ST=NY,C=US,CN=team.domain.com
< 220-Team Name FTP
< 220-Unauthorized use is prohibited
< 220 Access is logged
> USER username
< 331 Password required for username
> PASS password
< 230 Logged on
> PBSZ 0
< 200 PBSZ=0
> PROT P
< 200 Protection level set to P
> PWD
< 257 "/" is current directory.
* Entry path is '/'
> EPSV
* Connect data stream passively
* ftp_perform ends with SECONDARY: 0
< 229 Entering Extended Passive Mode (|||61786|)
*   Trying 123.456.789.123...
* Connecting to 123.456.789.123 (123.456.789.123) port 61786
* Connected to team.domain.com (123.456.789.123) port 990 (#0)
> TYPE I
< 200 Type set to I
> STOR Filename.csv
< 150 Opening data channel for file upload to server of "/Filename.csv"
* Doing the SSL/TLS handshake on the data stream
*   CAfile: /home/username/automation/process/output/team-ftp.pem
  CApath: none
* NSS error -5938 (PR_END_OF_FILE_ERROR)
* Encountered end of file
* Failure sending ABOR command: SSL connect error
* Closing connection 0

我导出了站点的自签名证书并将其放在 team-ftp.pem 中,它明确包含在 totarget.sh 脚本中。真的可以使用一些洞察力来了解为什么这个 运行s 对我来说,而不是对同一个用户的 crontab。

一些系统信息:

$ uname -a
Linux hostname.domain.com 3.10.0-693.11.1.el7.x86_64 #1 SMP Fri Oct 27 05:39:05 EDT 2017 x86_64 x86_64 x86_64 GNU/Linux

$ curl --version
curl 7.44.0 (x86_64-unknown-linux-gnu) libcurl/7.44.0 OpenSSL/1.0.2g
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL TLS-SRP UnixSockets

提前致谢。

我能够通过直接从 crontab 调用 bash 然后将 shell 脚本传递给它来解决问题:

 0 20 * * * bash -c "cd /home/username/automation/process && ./process.sh > /home/username/automation/process/lastrun.log 2>&1"

希望这对以后的人有所帮助。