我尝试执行以下命令:
mysql AMORE -u username -ppassword -h localhost -e "SELECT host FROM amoreconfig"
我把它存储在一个字符串中:
cmd="mysql AMORE -u username -ppassword -h localhost -e\"SELECT host FROM amoreconfig\""
测试它:
echo $cmd
mysql AMORE -u username -ppassword -h localhost -e"SELECT host FROM amoreconfig"
尝试执行以下操作:
$cmd
我得到了mysql的帮助页面:
mysql Ver 14.14 Distrib 5.1.31, for pc-linux-gnu (i686) using readline 5.1
Copyright 2000-2008 MySQL AB, 2008 Sun Microsystems, Inc.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL license
Usage: mysql [OPTIONS] [database]
(...)
我想我做了一些明显的错误与报价,但不能找出是什么问题。
使用数组,而不是字符串,如BashFAQ #50中给出的指导。
使用字符串是非常糟糕的安全实践:考虑密码(或查询中的where子句,或任何其他组件)是用户提供的情况;你不想对包含$(rm -rf .)的密码求值!
只运行本地命令
cmd=( mysql AMORE -u username -ppassword -h localhost -e "SELECT host FROM amoreconfig" )
"${cmd[@]}"
清楚地打印你的命令
cmd=( mysql AMORE -u username -ppassword -h localhost -e "SELECT host FROM amoreconfig" )
printf 'Proposing to run: '
printf '%q ' "${cmd[@]}"
printf '\n'
通过SSH执行命令(方法一:使用Stdin)
cmd=( mysql AMORE -u username -ppassword -h localhost -e "SELECT host FROM amoreconfig" )
printf -v cmd_str '%q ' "${cmd[@]}"
ssh other_host 'bash -s' <<<"$cmd_str"
通过SSH执行命令(方式二:命令行)
cmd=( mysql AMORE -u username -ppassword -h localhost -e "SELECT host FROM amoreconfig" )
printf -v cmd_str '%q ' "${cmd[@]}"
ssh other_host "bash -c $cmd_str"
