When a command is executed via subprocess.run, what permissions is the command executed with? Is it the permissions of the enclosing python file? Is it user permissions?
For example, if a python file were run with sudo:
sudo python3 file.py
and file.py contained the line
subprocess.run([ 'chmod', '+x', 'file.sh' ])
Would chmod be run with super user permissions?
Intuitively, it should, because, through sudo, you are giving the script itself superuser permissions - this means that the commands it runs would be effectively performed by the superuser.
However, to verify, let's do a little experiment.
test.py
import subprocess
subprocess.run('whoami')
(Now, on the terminal)
$ sudo python test.py
root
$
So, chmod will run with superuser permissions, yes.
Related
I need to run a bash script periodically on a Jetson Nano (so, Ubuntu 18.04). The script should run system updates, pull some Python code from a repository, and run it as a specified user.
So, I created this script:
#! /bin/bash
## system updates
sudo apt update
sudo apt upgrade
## stop previous instances of the Python code
pkill python3
## move to python script folder
cd /home/user_name/projects/my_folder
## pull updates from repo
git stash
git pull
## create dummy folder to check bash script execution to this point
sudo -u user_name mkdir /home/user_name/projects/dummy_folder_00
## launch python script
sudo -u user_name /usr/bin/python3 python_script.py --arg01 --arg02
## create dummy folder to check bash script execution to this point
sudo -u user_name mkdir /home/user_name/projects/dummy_folder_01
I created a cron job running this script as root, by using
sudo crontab -e
and adding the entry
00 13 * * * /home/user_name/projects/my_folder/script.sh
Now, I can see that at the configured time, both the dummy folders are created, and they actually belong to user_name. However, the Python script isn't launched.
I tried creating the cron job as non root user (crontab -e), but at this point even if the Python script gets exectured, I guess I wouldn't be able to run apt update/upgrade.
How can I fix this?
Well, if the dummy folders did get created, that means the sudo statements work, so i'd say theres a 99%+ chance that python was infact started.
I'm guessing the problem is that you havent specified the path for the python file, and your working directory likely isn't what you're expecting it to be.
change:
sudo -u user_name /usr/bin/python3 python_script.py --arg01 --arg02
to something like
sudo -u user_name /usr/bin/python3 /path/to/your/python_script.py --arg01 --arg02
then test.
If that didn't solve the problem , then enable some logging, change the line to:
sudo -u user_name /usr/bin/python3 /path/to/your/python_script.py --arg01 --arg02 \
1> /home/user_name/projects/dummy_folder_00/log.txt 2>&1 ;
and test again, it should log STDOUT and STDERR to that file then.
I have a python script named utils (note without any .py extension). Where I have some utility functions. The path is also added in PATH variable.
#!/usr/bin/env python3
import click, sys
#main.command('echo', context_settings=dict(help_option_names=['-h', '--help']))
def echo_test():
click.echo("Hello World")
sys.exit(0)
It works fine. Now I can run from anywhere utils echo.
I am trying to make the script to use virtualenv instead of the global python. I have tried
#!/path/to/venv/bin python3
import click, sys
Then it throws me error permission denied
Permissions for utils file are -rwxr-xr-x
Any idea how could I use venv with script.
If your code is pasted correctly, your problem is that you are trying to execute a directory with your she-bang, not Python, because you have a space rather than a slash as a separator:
#!/path/to/venv/bin python3
rather than:
#!/path/to/venv/bin/python3
EDIT: By the way, is there a reason you want to change the code and not just activate the virtual environment, like it's supposed to be used?
If you want to do it, you can just:
$ source path/to/venv/bin/activate<.optional_extension>
You need the optional extension if you use a shell other than Bash (probably other Bourne-like shells too).
Try changing the file permissions via this command:
chmod 755
chmod -R 755 on the /usr/lib/python/site-packages/virtualenv
or even
chmod +x
Suggest you read the man page for chmod by using this command
man chmod
if you are not sure.
Using ubuntu's 16.04 crontab and #reboot to run python3 script. The script runs properly on reboot as I see the logged output. However, my script's os.system command is not running. It runs fine if ran outside of crontab. My scripts are all executable.
crontab -l output:
SHELL=/bin/bash
#reboot nohup /usr/bin/python3 -u /home/path/scheduler.py >> /path/log.out &
scheduler.py code:
#...(check if web server is running...if not restart)
os.system('nohup /usr/bin/python3 -u /path/webserver/main.py &')
print('this function ran')
When I logged the output of the os.system command , there was no output.
As a side note, I am running python schedule commands to check the general health of a webserver. crontab doesn't seem to be the right tool for this so I just use crontab to start my python scheduler on reboot.
I am using flask as the webserver, and would use gunicorn and systemctrl if I could get it to work... but it didn't so this is my workaround.
The point is that, the command called by os.system is not in default path.
For example, tcpdump is not in /usr/bin/.
So, you can solve the problem by adding the full path of the command.
I was facing the same issue when we try to run python script directly in crontab it just by passes the os.system() commands.
Make launcher.sh:
#!bin/bash
cd /home/pi/
sudo python example.py
Then, make your script executable:
chmod 755 launcher.sh
And at last, add your script to crontab:
crontab -e
and add this line at the end:
#reboot sh /home/pi/launcher.sh
(I set the program to run at each reboot)
I have EV3 Lego Mindstorms and I instaled on it ev3dev operating system. I set the connection with the PC via SSH and using PuTTY I started to "programming". I used the cat > test2.py and wrote this code:
#!/usr/bin/env python3
import ev3dev.ev3 as ev3
motor = ev3.LargeMotor('outA')
motor.run_timed(time_sp = 1000, speed_sp = 500)
I saved the file and initialized it using ./test2.py. I got this output:
-bash: ./test2.py: Persmission denied
What caused it and what should I change?
try this:
sudo python3 test2.py
that will allows you to open almost anything in linux
Use ls -la ./test2.py in order to see the file permissions.
Look at the beginning of the output, you'll see something like this:
-rw-rw-r--
The first - means if is a directory or a file. In this case means that is a file.
Now If you observe the remaining chars there are 3 sets of 3 chars with means the permissions for the owner of the file, the owner group and the last set is for the rest of the users.
We have permissions to read, write and execute and in the example I showed there are read and write permissions for the owner user and the owner group but non permissions for the other users.
As Is said above you can just use sudo every time you execute the script but to run it with root privileges. However I would recommend you change your file permissions and using chmod
sudo chmod +x ./test2.py
This will let you execute the script. Take a look at chmod documentation to learn more: https://help.ubuntu.com/community/FilePermissions
I'm trying to invoke a shell script shell_script.sh from a python script (python_script.py) using the call command. The shell_script.sh invokes a executable that requires root access to execute.
The python_script.py invokes shell_script.sh using subprocess.call().
See below:
subprocess.call(['/complete_path/shell_script.sh', 'param1', 'param2',
'param3'], shell=True)
When I try to execute the python script python_script.py it gives me permission denied.
I've tried different ways.
a) Invoke python with sudo - sudo python python_script.py
b) Invoke sudo into inside the call method - subprocess.call(['sudo' '/complete_path/shell_script.sh', 'param1', 'param2',
'param3'], shell=True)
What's the best way to resolve this.
Thanks.
I'd put logic in the python_script.py to check its UID and fail if is not executed as root. if os.getuid() != 0:. That will ensure it only runs as root, ether by a root login, or sudo.
If you're getting permission denied when trying to execute the python_script.py, you need to set the execute bit on it. chmod +x python_script.py