How do I use Heroku Exec with a container that's not based on Ubuntu

Issue

The Heroku Exec documentation covers starting the exec process in a container, but it assumes Ubuntu is being used and can fail to start with other flavors of Linux.

Resolution

The heroku-exec.sh script sources another script from $HEROKU_EXEC_URL which contains these lines:

  if ssh -V 2>&1 | grep -q -e '^OpenSSH_7\.2.*$' -e '^OpenSSH_6\.6.*$'; then
    echo "UsePrivilegeSeparation no" >> $HOME/.ssh/sshd_config
  fi

CentOS, for example, defaults to OpenSSH 7.4 so this condition is never met and there are permission errors when the script tries to start sshd.
The script also expects $HOME to be set to a valid path other than /.

It's not pretty, but this alternative heroku-exec.sh script removes the condition before sourcing the downloaded script:

if [ -z "$SSH_CLIENT" ]; then
  # ensure $HOME is set
  export HOME=/heroku
  curl --fail --retry 3 -sSL "$HEROKU_EXEC_URL" -o $HOME/exec-script.sh

  # remove the condition around: echo "UsePrivilegeSeparation no" >> $HOME/.ssh/sshd_config
  # first get the line number that matches: if ssh -V 2>&1 | grep -q -e '^OpenSSH_7\.2.*$' -e '^OpenSSH_6\.6.*$'; then
  LINE_IF=$(grep -n "OpenSSH_" $HOME/exec-script.sh | cut -f1 -d:)
  LINE_FI=$(($LINE_IF + 2))
  sed -i.orig -e "${LINE_FI}d;${LINE_IF}d" $HOME/exec-script.sh
  
  source $HOME/exec-script.sh
fi

Ask on Stack Overflow

Engage with a community of passionate experts to get the answers you need

Ask on Stack Overflow

Heroku Support

Create a support ticket and our support experts will get back to you

Contact Heroku Support