I am stuck in this setup for almost a week now. Hope that someone can guide me through it.
Setup
I have setup an IIS Server running Flask python code. (Using wfastcgi.py )
I have configured the Application Pool Identity to my own account. (Admin Permission)
I have changed all the files permission that are needed for this web deployment to "Everyone" - Full Control(Read,Write,Execute). (I understand the security risks, this is my staging environment.)
Web server is running fine and i have checked using the bottom code to know my python permission is administrator.
def am_i_admin():
try:
is_admin = os.getuid() == 0
except AttributeError:
is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0
if is_admin == True:
return "ADMIN"
else:
return "USER"
Problem Statement
I am trying to run administrator priv code on my flask IIS server which allow user within the same network to execute; such as
subprocess.run(['ipconfig'], stdout=subprocess.PIPE)
pyautogui.screenshot() #which take a screenshot of the web server and send over to the client.
I ran on my local jupyter notebook, and the above functions worked perfectly well.
But it failed to run on the IIS flask server.
I have also tried to setup pyautogui on flask server (stand alone without IIS), it worked.
What is the issue with the IIS server ?? Or are there more things that i need to configure. Are there security features that I can disable ?
Subprocess error message:
Error occurred while reading WSGI handler:
Traceback (most recent call last):
File "c:\users\aspnet\anaconda3\lib\site-packages\wfastcgi.py", line 791, in main
env, handler = read_wsgi_handler(response.physical_path)
File "c:\users\aspnet\anaconda3\lib\site-packages\wfastcgi.py", line 633, in read_wsgi_handler
handler = get_wsgi_handler(os.getenv("WSGI_HANDLER"))
File "c:\users\aspnet\anaconda3\lib\site-packages\wfastcgi.py", line 600, in get_wsgi_handler
handler = __import__(module_name, fromlist=[name_list[0][0]])
File ".\my_app.py", line 58, in <module>
out = os.popen("ipconfig").read()
File "c:\users\aspnet\anaconda3\lib\os.py", line 990, in popen
bufsize=buffering)
File "c:\users\aspnet\anaconda3\lib\subprocess.py", line 753, in __init__
errread, errwrite) = self._get_handles(stdin, stdout, stderr)
File "c:\users\aspnet\anaconda3\lib\subprocess.py", line 1090, in _get_handles
errwrite = _winapi.GetStdHandle(_winapi.STD_ERROR_HANDLE)
OSError: [WinError 6] The handle is invalid
StdOut:
StdErr:
pyautogui error:
Error occurred while reading WSGI handler:
Traceback (most recent call last):
File "c:\users\aspnet\anaconda3\lib\site-packages\wfastcgi.py", line 791, in main
env, handler = read_wsgi_handler(response.physical_path)
File "c:\users\aspnet\anaconda3\lib\site-packages\wfastcgi.py", line 633, in read_wsgi_handler
handler = get_wsgi_handler(os.getenv("WSGI_HANDLER"))
File "c:\users\aspnet\anaconda3\lib\site-packages\wfastcgi.py", line 600, in get_wsgi_handler
handler = __import__(module_name, fromlist=[name_list[0][0]])
File ".\my_app.py", line 45, in <module>
pyautogui.screenshot()
File "c:\users\aspnet\anaconda3\lib\site-packages\pyscreeze\__init__.py", line 135, in wrapper
return wrappedFunction(*args, **kwargs)
File "c:\users\aspnet\anaconda3\lib\site-packages\pyscreeze\__init__.py", line 427, in _screenshot_win32
im = ImageGrab.grab()
File "c:\users\aspnet\anaconda3\lib\site-packages\PIL\ImageGrab.py", line 44, in grab
include_layered_windows, all_screens
OSError: screen grab failed
StdOut:
StdErr:
File "c:\users\aspnet\anaconda3\lib\site-packages\PIL\ImageGrab.py", line 44, in grab
include_layered_windows, all_screens
OSError: screen grab failed
To resolve the issue set stderr and stdin to subprocess.PIPE:
['where', 'wkhtmltopdf'], stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.PIPE).communicate()[0].strip()
Reference: https://github.com/foliojs/pdfkit/issues/714
File "c:\users\aspnet\anaconda3\lib\site-packages\PIL\ImageGrab.py", line 44, in grab
include_layered_windows, all_screens
OSError: screen grab failed
Use below code:
from PIL import ImageGrab
OR
from PIL import Image
Related
I am currently setting up a django site to run on IIS, however I am running into an issue with the USZipCodes python module, When it goes to call the USZipCodes module if gets an access denied error.
I have confirmed all folders regarding this EXCEPT the systemprofile folder has proper permissions for the IIS_IUSRS profile. I would do the systemprofile as well but it just give me more errors and I would prefer not to
This module works fine when not IIS, through CMD it works fine, it is only when using IIS to run the app does this occur.
I suspect I may just have the cut the module out but I would prefer not too
Error Log:
Traceback (most recent call last):
File "C:\Python310\lib\site-packages\django\core\handlers\exception.py", line 47, in inner
response = get_response(request)
File "C:\Python310\lib\site-packages\django\core\handlers\base.py", line 181, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "C:\inetpub\wwwroot\Apps\scituateApp\.\tickets\views.py", line 286, in push
json_client['street_name'], zco(json_client['zip']), json_client['state'], json_client['zip'],
File "C:\inetpub\wwwroot\Apps\scituateApp\.\tickets\views.py", line 15, in zco
search = SearchEngine()
File "C:\Python310\lib\site-packages\uszipcode\search.py", line 153, in __init__
self._download_db_file_if_not_exists()
File "C:\Python310\lib\site-packages\uszipcode\search.py", line 173, in _download_db_file_if_not_exists
download_db_file(
File "C:\Python310\lib\site-packages\uszipcode\db.py", line 33, in download_db_file
Path(db_file_path).parent.mkdir(parents=True, exist_ok=True)
File "C:\Python310\lib\site-packages\pathlib_mate\pathlib2.py", line 1614, in mkdir
_try_except_filenotfounderror(_try_func, _exc_func)
File "C:\Python310\lib\site-packages\pathlib_mate\pathlib2.py", line 117, in _try_except_filenotfounderror
try_func()
File "C:\Python310\lib\site-packages\pathlib_mate\pathlib2.py", line 1605, in _try_func
self._accessor.mkdir(self, mode)
File "C:\Python310\lib\site-packages\pathlib_mate\pathlib2.py", line 593, in wrapped
return strfunc(str(pathobj), *args)
PermissionError: [WinError 5] Access is denied: 'C:\\Windows\\system32\\config\\systemprofile\\.uszipcode'
Figured I would follow up. After quite some hours I was able to resolve the issue.
When you setup the IIS, it creates a local group called IIS_LUSRS. You must add the user (local or domain) that you log into to run IIS to this local groups (can be done through the lusrmgr.msc program). Then after this is done, allow that group modify and write privs on the python site package pathlib and the system profile in system 32.
This is not the best solutions, but it fixed it for me...
I am a newbie in Toil and AWS trying to run HelloWorld.py example in the Toil Document. I have already successfully installed toil and related python packages on my local mac laptop and have setup my account at AWS. I have created a small leader/worker cluster
$ cgcloud create-cluster toil -s 2 -t m3.large
and started it:
$ cgcloud ssh toil-leader
This changed my screen prompt to:
mesosbox#ip-172-31-25-135:~$
Then from an other window on my mac, I started the Toil HellowWorld example with with command:
$ python2.7 HelloWorld.py --batchSystem=mesos --mesosMaster=mesos-master:5050 aws:us-west-2:my-aws-jobstore
And I got the following output:
Apples-Air 2017-06-02 19:30:53,524 MainThread INFO toil.lib.bioio: Root logger is at level 'INFO', 'toil' logger at level 'INFO'.
Apples-Air 2017-06-02 19:30:53,524 MainThread INFO toil.lib.bioio: Root logger is at level 'INFO', 'toil' logger at level 'INFO'.
Apples-Air 2017-06-02 19:30:54,852 MainThread WARNING toil.jobStores.aws.jobStore: Exception during panic
Traceback (most recent call last):
File "/usr/local/lib/python2.7/site-packages/toil/jobStores/aws/jobStore.py", line 209, in initialize
self.destroy()
File "/usr/local/lib/python2.7/site-packages/toil/jobStores/aws/jobStore.py", line 1334, in destroy
self._bind(create=False, block=False)
File "/usr/local/lib/python2.7/site-packages/toil/jobStores/aws/jobStore.py", line 241, in _bind
versioning=True)
File "/usr/local/lib/python2.7/site-packages/toil/jobStores/aws/jobStore.py", line 721, in _bindBucket
bucket = self.s3.get_bucket(bucket_name, validate=True)
File "/usr/local/lib/python2.7/site-packages/boto/s3/connection.py", line 502, in get_bucket
return self.head_bucket(bucket_name, headers=headers)
File "/usr/local/lib/python2.7/site-packages/boto/s3/connection.py", line 535, in head_bucket
raise err
S3ResponseError: S3ResponseError: 403 Forbidden
Traceback (most recent call last):
File "helloWorld.py", line 22, in <module>
print(Job.Runner.startToil(j, options)) #Prints Hello, world!, ….
File "/usr/local/lib/python2.7/site-packages/toil/job.py", line 740, in startToil
with Toil(options) as toil:
File "/usr/local/lib/python2.7/site-packages/toil/common.py", line 614, in __enter__
jobStore.initialize(config)
File "/usr/local/lib/python2.7/site-packages/toil/jobStores/aws/jobStore.py", line 209, in initialize
self.destroy()
File "/usr/local/lib/python2.7/site-packages/toil/jobStores/aws/jobStore.py", line 206, in initialize
self._bind(create=True)
File "/usr/local/lib/python2.7/site-packages/toil/jobStores/aws/jobStore.py", line 241, in _bind
versioning=True)
File "/usr/local/lib/python2.7/site-packages/toil/jobStores/aws/jobStore.py", line 721, in _bindBucket
bucket = self.s3.get_bucket(bucket_name, validate=True)
File "/usr/local/lib/python2.7/site-packages/boto/s3/connection.py", line 502, in get_bucket
return self.head_bucket(bucket_name, headers=headers)
File "/usr/local/lib/python2.7/site-packages/boto/s3/connection.py", line 535, in head_bucket
raise err
boto.exception.S3ResponseError: S3ResponseError: 403 Forbidden
Please help.
Thanks.
---John
I realize that this answer is a little late. One problem I notice is with the mesosMaster argument.
Instead, your command should have look like
python2.7 HelloWorld.py --batchSystem=mesos --mesosMaster=172.31.25.135:5050 aws:us-west-2:my-aws-jobstore
Notice that I replaces mesos-master with the actual IP address from
mesosbox#ip-172-31-25-135:~$
Hopefully in the future, one will not need to pass this argument at all, however this is not yet implemented as of 26 July 2017.
Also for further problems with Toil you will probably have better luck posting a new issue to the Toil Github page.
As the title suggests, I am seeing this error when my flask app tries to run.
I am hosting the application locally using dev_appserver.
The error occurs when I visit the site and it tries to run the app. It appears that GAE is trying and failing to bind a socket for some reason.
I suspect that this may have something to do with OAuth2. Maybe it requires an SSL connection?
I don't even know where to begin solving this as none of the other posts about this are experiencing the same variation of the issue.
Edit: Here's a screenshot of the console confirming that the GAE server launches successfully on a different port; still doesn't resolve it
Traceback (most recent call last):
File "C:\Users\XXX\AppData\Local\Google\Cloud SDK\google-cloud-sdk\platform\google_appengine\google\appengine\runtime\wsgi.py", line 240, in Handle
handler = _config_handle.add_wsgi_middleware(self._LoadHandler())
File "C:\Users\XXX\AppData\Local\Google\Cloud SDK\google-cloud-sdk\platform\google_appengine\google\appengine\runtime\wsgi.py", line 299, in _LoadHandler
handler, path, err = LoadObject(self._handler)
File "C:\Users\XXX\AppData\Local\Google\Cloud SDK\google-cloud-sdk\platform\google_appengine\google\appengine\runtime\wsgi.py", line 85, in LoadObject
obj = __import__(path[0])
File "C:\Users\XXX\PycharmProjects\ad-assignment\main.py", line 51, in <module>
app.run()
File "C:\Users\XXX\PycharmProjects\ad-assignment\lib\flask\app.py", line 843, in run
run_simple(host, port, self, **options)
File "C:\Users\XXX\PycharmProjects\ad-assignment\lib\werkzeug\serving.py", line 694, in run_simple
inner()
File "C:\Users\XXX\PycharmProjects\ad-assignment\lib\werkzeug\serving.py", line 656, in inner
fd=fd)
File "C:\Users\XXX\PycharmProjects\ad-assignment\lib\werkzeug\serving.py", line 550, in make_server
passthrough_errors, ssl_context, fd=fd)
File "C:\Users\XXX\PycharmProjects\ad-assignment\lib\werkzeug\serving.py", line 464, in __init__
HTTPServer.__init__(self, (host, int(port)), handler)
File "C:\Python27\Lib\SocketServer.py", line 417, in __init__
self.server_bind()
File "C:\Python27\Lib\BaseHTTPServer.py", line 108, in server_bind
SocketServer.TCPServer.server_bind(self)
File "C:\Python27\Lib\SocketServer.py", line 431, in server_bind
self.socket.bind(self.server_address)
File "C:\Users\XXX\AppData\Local\Google\Cloud SDK\google-cloud-sdk\platform\google_appengine\google\appengine\dist27\socket.py", line 222, in meth
return getattr(self._sock,name)(*args)
File "C:\Users\XXX\AppData\Local\Google\Cloud SDK\google-cloud-sdk\platform\google_appengine\google\appengine\api\remote_socket\_remote_socket.py", line 676, in bind
raise _SystemExceptionFromAppError(e)
error: [Errno 13] Permission denied
INFO 2016-12-16 21:41:51,631 module.py:788] default: "GET /oauth2callback?code=x/xxxxxxxxxxxxxxxxx HTTP/1.1" 500 -
Code (as seen in Google's OAuth2 usage guide):
import flask
app = flask.Flask(__name__)
#app.route('/')
def index():
...
#app.route('/oauth2callback')
def oauth2callback():
...
if __name__ == 'main':
import uuid
app.secret_key = str(uuid.uuid4())
app.debug = False
app.run()
We have a tutorial that walks you through adding Firebase Authentication to your Python app running with Flask. Firebase Authentication is the preferred identity toolkit now. You can of course still use a pure OAuth2 flow, but Firebase Auth also provides multi-provider authentication if that's something you were considering adding to your app anyways. If you just want to dive into the sample's code its here on GitHub.
If you just want to stick with straight OAuth, you might want to look at your Flask code itself. Getting flask to run is pretty easy on App Engine. My guess is that you're calling some code that you don't need to (flask.run()) or you aren't importing your library properly (see appengine_config.py).
I just installed scrapyd on Ubuntu (with apt-get tool). However, without doing any change to the configuration, when I launched "scrapyd" I got the following error:
(! 397)-> scrapyd
Unhandled Error
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/twisted/application/app.py", line 642, in run
runApp(config)
File "/usr/lib/python2.7/dist-packages/twisted/scripts/twistd.py", line 23, in runApp
_SomeApplicationRunner(config).run()
File "/usr/lib/python2.7/dist-packages/twisted/application/app.py", line 376, in run
self.application = self.createOrGetApplication()
File "/usr/lib/python2.7/dist-packages/twisted/application/app.py", line 441, in createOrGetApplication
application = getApplication(self.config, passphrase)
--- <exception caught here> ---
File "/usr/lib/python2.7/dist-packages/twisted/application/app.py", line 452, in getApplication
application = service.loadApplication(filename, style, passphrase)
File "/usr/lib/python2.7/dist-packages/twisted/application/service.py", line 405, in loadApplication
application = sob.loadValueFromFile(filename, 'application', passphrase)
File "/usr/lib/python2.7/dist-packages/twisted/persisted/sob.py", line 210, in loadValueFromFile
exec fileObj in d, d
File "/usr/lib/pymodules/python2.7/scrapyd/txapp.py", line 3, in <module>
application = get_application()
File "/usr/lib/pymodules/python2.7/scrapyd/__init__.py", line 14, in get_application
return appfunc(config)
File "/usr/lib/pymodules/python2.7/scrapyd/app.py", line 22, in application
poller = QueuePoller(config)
File "/usr/lib/pymodules/python2.7/scrapyd/poller.py", line 13, in __init__
self.update_projects()
File "/usr/lib/pymodules/python2.7/scrapyd/poller.py", line 30, in update_projects
self.queues = get_spider_queues(self.config)
File "/usr/lib/pymodules/python2.7/scrapyd/utils.py", line 18, in get_spider_queues
d[project] = SqliteSpiderQueue(dbpath)
File "/usr/lib/pymodules/python2.7/scrapyd/spiderqueue.py", line 12, in __init__
self.q = JsonSqlitePriorityQueue(database, table)
File "/usr/lib/pymodules/python2.7/scrapyd/sqlite.py", line 95, in __init__
self.conn = sqlite3.connect(self.database, check_same_thread=False)
sqlite3.OperationalError: unable to open database file
Failed to load application: unable to open database file
I am pretty new to Python, I was trying to print the SQlite filename that it tried to open but this file is owned by scrapy user and I try to stay away messing with it. Also, here the content of my configuration:
(! 403)-> cat /etc/scrapyd/conf.d/000-default
[scrapyd]
http_port = 6800
debug = off
#max_proc = 1
eggs_dir = /var/lib/scrapyd/eggs
dbs_dir = /var/lib/scrapyd/dbs
items_dir = /var/lib/scrapyd/items
logs_dir = /var/log/scrapyd
Does anyone have clue about this? Thanks.
I suspect the Scrapyd configuration is referencing files or folders that your system user doesn't have the appropriate permissions to use.
There are at least three potential solutions to this problem:
Change the dbs_dir in the configuration file (/etc/scrapyd/scrapyd.conf) to a location your system user can access.
Change the permissions on /var/lib/scrapyd/dbs to allow users or groups access.
Run scrapyd as another user, as a superuser, or as root.
I am trying to access linkedin API using python code. Here's the code that I am running on my windows machine:
from linkedin import server
import webbrowser
API_KEY = "<API_KEY>"
API_SECRET = "<API_SECRET>"
application = server.quick_api(API_KEY, API_SECRET)
I am executing these statements one-by-one in the console, but when I execute server.quick_api(API_KEY, API_SECRET), I receive the following error:
>>> application = server.quick_api(API_KEY, API_SECRET)
https://www.linkedin.com/uas/oauth2/authorization?scope=r_basicprofile%20rw_nus%20r_network%20r_contactinfo%20w_messages%20rw_groups%20r_emailaddress%20r_fullprofile&state=0b0290ff6e51e14c5409434a6e4bf52f&redirect_uri=http%3A//localhost%3A8000/&response_type=code&client_id=<API_KEY>
Traceback (most recent call last):
File "C:\Python27\lib\site-packages\IPython\core\interactiveshell.py", line 2731, in run_code
exec code_obj in self.user_global_ns, self.user_ns
File "<ipython-input-9-eb867f0fb231>", line 1, in <module>
application = server.quick_api(API_KEY, API_SECRET)
File "C:\Users\sony\AppData\Roaming\Python\Python27\site-packages\linkedin\server.py", line 24, in quick_api
_wait_for_user_to_enter_browser(app)
File "C:\Users\sony\AppData\Roaming\Python\Python27\site-packages\linkedin\server.py", line 38, in _wait_for_user_to_enter_browser
httpd = BaseHTTPServer.HTTPServer(server_address, MyHandler)
File "C:\Python27\lib\SocketServer.py", line 419, in __init__
self.server_bind()
File "C:\Python27\lib\BaseHTTPServer.py", line 108, in server_bind
SocketServer.TCPServer.server_bind(self)
File "C:\Python27\lib\SocketServer.py", line 430, in server_bind
self.socket.bind(self.server_address)
File "C:\Python27\lib\socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions
I get a url which I understand I am supposed to get, but what's the cause of this error?
Also, when I paste the url in the browser, it takes me to linkedin page and asks for my credentials which it never accepts (I am sure I am entering the correct credentials). It always shows:
"HTTP Error 404. The requested resource is not found."
I am otherwise able to login to linkedin using the same credentials.