I am running my python in ubuntu and trying to make a script that communicates with the shell. My script is simple
import os
os.system('sudo su - xyz')
when I run the script and try to login xyz, it asks for the password in my shell. But how do I send the password via the python script and just login.? Is there a better way to do this ?
Piping a hardcoded password into stdin so that you don't have to input it for a command which requires sudoer privileges is overthinking it (in addition to being highly insecure).
Just assume in your Python script that you are root (i.e. don't execute commands with sudo).
import os
os.system('su - xyz')
Then launch your Python script with sudo.
$ sudo python foo.py
Unless you have some weird requirements, this is the most natural way to do it.
You can try piping the password into the commandline string.
NOTE: This is VERY insecure. Anyone has access to your python script will know your password and can get a hold of your system.
import os
password = 'ABCDEFG'
os.system('echo {} | sudo -S su - xyz'.format(password))
EDIT: Note adding echo and -S to sudo, so it can accept password from a pipe
Related
I'm new in a company for IT and very few people here know Python so I can't ask then for help.
The problem: I need to create a script in Python that connects via ssh from my VM to my client server, after I access with my script I need to find a log file and search for a few data.
I tested my script within my Windows with a copy of that file and it searched everything that I need. However, I don't know how to do that connection via SSH.
I tried like this but I don't know where to start:
from subprocess import Popen, PIPE
import sys
ssh = subprocess.check_output(['ssh', 'my_server', 'password'], shell = True)
ssh.stdin.write("cd /path/")
ssh.stdin.write("cat file | grep err|error")
This generates a error "name 'subprocess' is not defined".
I don't understand how to use the subprocess nor how to begin to develop the solution.
Note: I can't use Paramiko because I don't have permission to install packages via pip or download the package manually.
You didn't import subprocess itself so you can't refer to it.
check_output simply runs a process and waits for it to finish, so you can't use that to run a process you want to interact with. But there is nothing interactive here, so let's use that actually.
The first argument to subprocess.Popen() and friends is either a string for the shell to parse, with shell=True; or a list of token passed directly to exec with no shell involved. (On some platforms, passing a list of tokens with shell=True actually happens to work, but this is coincidental, and could change in a future version of Python.)
ssh myhost password will try to run the command password on myhost so that's not what you want. Probably you should simply set things up for passwordless SSH in the first place.
... But you can use this syntax to run the commands in one go; just pass the shell commands to ssh as a string.
from subprocess import check_output
#import sys # Remove unused import
result = check_output(['ssh', 'my_server',
# Fix quoting and Useless Use of Cat, and pointless cd
"grep 'err|error' /path/file"])
I administer a few Check Point Firewalls at work that run on the Gaia operating system. Gaia is a hardened, purpose-built Linux OS using the 2.6 kernel.
I am a novice at Python and I need to write a script that will enter "expert mode" from the clish shell. Entering expert mode is similar to invoking su as it gives you root privileges in the BASH shell.
Clish is a Cisco like custom shell made to ease OS configuration changes. I saw a similar discussion at pexpect and ssh: how to format a string of commands after su - root -c, but people responding recommended sudo.
This is not an option for me as sudo is not supported by the OS and if you were to install it, clish would not recognize the command. The goal of my script would be to SSH to the device, login, invoke expert mode, then run grep admin /etc/passwd and date. Again, sudo is not an option.
clish does not support SSH. But you can change the shell of your user to /bin/bash instead of /etc/clish.sh
set user <myuser> shell /bin/bash
save config
I am trying to create a script that installs and configures multiple programs such as phpmyadmin using a password determined by the user. To ensure the password of the user is safe, I intend to generate the shell script below using a password entered by the user, pass it to the script for output, and destroy the script once it is done running to ensure the integrity of the password. The problem is, I'm not sure how to create shell scripts within a python code.
Script:
echo phpmyadmin phpmyadmin/dbconfig-install boolean true | debconf-set-selections
echo phpmyadmin phpmyadmin/app-password-confirm password pwd | debconf-set-selections
echo phpmyadmin phpmyadmin/mysql/admin-pass password pwd| debconf-set-selections
echo phpmyadmin phpmyadmin/mysql/app-pass password pwd| debconf-set-selections
echo phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2 | debconf-set-selections
echo phpmyadmin phpmyadmin/upgrade-backup boolean true | debconf-set-selections
You can generate the executable file as any other text file.
To make really executable, you either have to set executable permission on it, or call it with some interpreter like
$ source yourscriptfile
Btw - having passwords written to files is not very safe, imagine, your cleanup code would crash and not delete the files.
Often this is resolved by setting the password to system variable and referring in your script to that variable.
Python allows executing scripts (see subprocess) and manipulating environmental variables.
The general method for this is to add a #! (shebang or hashbang) directive at the beginning of the file so that the shell knows where to find the runtime requirements for the file. For example, a python script needs to know where to find python in your envorinment, so you can add:
#!/usr/bin/env python
as the first line in your python script. Then ensure you add the script or install it somewhere in your system $PATH or simply have a relative/absolute reference to the script. You generally also need to ensure that the script has executable permissions so that you can run it without a permissions error.
See this answer for more information on why /usr/bin/env python is used rather than a direct path to the python runtime.
So, this is kind of confusing but essentially I'm using Django and I want to instantiate a subprocess to run a perl script. I've read that this can be done with
arg = "/some/file/path/"
pipe = subprocess.Popen(["./uireplace", arg], stdin=subprocess.PIPE)
which works when I call it in the appropriate function in views.py but the script requires a sudo. I then call this
pipe = subprocess.Popen(["sudo","./uireplace", arg], stdin=subprocess.PIPE)
which works when I run it in python from a terminal but this doesn't work when it's called by a random user on the web. Is there any way to be able to automatically enter in a username and password for that sudo? The issue is that this can't be done with a prompt so it simply fails.
Solves this problem on the OS level. Giving any user from the web the right to use sudo does not sound right. Just make ./uireplace executable. There are lots of options for chmod to fine tune this.
I have written the python script for switch off/on the monitor at a particular time using following command in my .py file.
passwd='Mypassword'
subprocess.call('echo %s|sudo -S vbetool dpms on' % passwd, shell=True)
it works properly, but here i need to defined my password manually, but i need the system to automatically retrieve the password.
Is there any options available for the same, please let me know.
Run the script as sudo. You can have a check to see if the user is sudo before trying to perform the command:
import os, sys
if not os.geteuid()==0:
sys.exit("Please run as root")
os.system("vbetool dpms on")