Re: pexpect with apache

Thank you both for your help. I don't know why I didn't think of that
before. I had the expect mindset, and was determined to get it working
that way.

I added an entry for sudo for the script and it works without a hitch.
I'm still curious to know what was going on to disallow the
authentication in pexpect. I had added 'www' to user 'admin', and
could su to root from the command line, so I don't think that was it.
Maybe it was a timing error, ie pexpect fired off the password too soon
or too late, or something in the apache environment that just
disallowed becoming root for security reasons.

Problem solved.

~Sean

martdi wrote:
Since it wont require pyexpect, and based on the operations you
accomplish with your python script, maybe that a bash script instead of
a python one might be the best tool for the job you're trying to
accomplish.


martdi wrote:
Sudo is probably the best solution here, since in the file sudo.conf
you could restrict the www user only to the python script that requires
it.

Also, using either sudo or the setuid flag would remove the need of
pexpect since all the commands will be run as the designated user.

for setuid flag:
chmod u+s pythonScript.py
chown root pythonScript.py

for the sudo solution, add an entry to /etc/sudo.conf or /etc/sudoers ,
depending on distro:
the syntax for a line in sudo.conf is:
user hostlist = (userlist) commandlist

so you might want to add:
www localhost = NOPASSWD: /var/www/htdocs/pythonScript.py

note:
Replace the /var/www/htdocs/pythonScript.py with the path to where
your script is
the NOPASSWD: is a flag that tells sudo that no password is
required

Lee Harr wrote:
Well, first i don't think it is a good idea to have the python script
tu su to root, but for it to work, i think (Totally unsure about that)
www has to be in group wheel to be able to su.


Maybe sudo can help here.

.

Relevant Pages

  • Re: Card Reader
    ... Running your script ... instead of sudo is worthless because your script *can't do ... And of course it doesn't ask for a root password, ... >> That's just more bullshit Bryan, and you might as well leave ...
    (rec.photo.digital)
  • Re: Card Reader
    ... Here's a simple Python script. ... Look Bryan, it makes no difference how many times you try this, ... sudo is *not* going to run your script. ... There is no actual root password; ...
    (rec.photo.digital)
  • RE: [Perl-beginners] Perl script to switch user to root.
    ... you obviously didn't read the sudo help pages, you can run the script as ... Onderwerp: Re: Perl script to switch user to root. ...
    (perl.beginners)
  • Re: SUDOERS: how to setup in a school
    ... > to login using ROOT user or a user created with ROOT privileges, ... root using sudo. ... With regards to editing configuration files. ... Consider the following script: ...
    (comp.os.linux.security)
  • Re: hi all..
    ... And with sudo, I certainly wouldn't because they already have root. ... If you somehow had access to my account right now, ... install an effective key logger without root. ...
    (Fedora)