I am making a python script that will not be running in the terminal and as it has to sudo multiple scripts I need to be able to enter the password from the script. What I mean is this: A program that I wrote and only I am going to use starts. It uses a gui box to ask for my sudo password. I give it to it, and then it enters it when needed. I get the textbox part downpath, but how do I enter the password into the sudo program from python?
I found my answer here: https://superuser.com/questions/67765/sudo-with-password-in-one-command-line
It works like this:
$echo <password> | sudo -S <command>
Related
I am creating a Python script to install AUR packages but can't figure out how to detect yes/no and root password prompts.
So far what I have managed is to get rid of yes/no prompts using yes command, like this.
cmd = r'yes y | makepkg -si'
output = subprocess.Popen(cmd, stdout=subprocess.PIPE, shell=True, universal_newlines=True)
But still 2 problems persist:
Detect the password prompt: The password prompt appears mainly after makepkg enters in fakeroot. IDK how to detect that and supply the password from the script. There is no pattern actually. Some package evoke 1 y/n prompt while some prompt more than 1.
Enter actual password: Actually, I want to enter password through a GUI. So, basically, I want user to input password in a text box that I will create using Tkinter.
tkinter.simpledialog.askstring("Password", "Enter password:", show='*')
I am confused how to implement this. I looked up this problem already and some Stack Overflow posts demonstrate the use of pexpect but I am having hard time understanding it. But if it can be done using the standard libraries then it would be great.
Detect the password prompt: The password prompt appears mainly after makepkg enters in fakeroot. IDK how to detect that and supply the password from the script. There is no pattern actually. Some package evoke 1 y/n prompt while some prompt more than 1.
There is a pattern. An y/n prompt is shown when:
makepkg invokes pacman to install build dependencies (for the -s option);
makepkg invokes pacman to install the freshly built package (for the -i option);
makepkg invokes pacman to remove the build dependencies (for the -r option).
makepkg invokes pacman to...
In all cases, if makepkg is given the --noconfirm option, it will pass that to pacman as well.
Enter actual password: Actually, I want to enter password through a GUI. So, basically, I want user to input password in a text box that I will create using Tkinter.
The password prompt, if any, is shown by sudo. Sudo supports running external "askpass" tools through the SUDO_ASKPASS environment variable.
Write or install a program that shows the password prompt and outputs the password to stdout (e.g. ssh-askpass or zenity would do), then set the SUDO_ASKPASS environment variable to the program's path:
export SUDO_ASKPASS=/usr/local/bin/ssh-askpass
Finally, edit ~/.config/pacman/makepkg.conf to make makepkg run sudo -A for elevation, activating the "graphical askpass" feature:
PACMAN_AUTH=(sudo -A)
Please note, I'm NOT asking about the user running it but rather did he run it as sudo command or not
I have a python script, which I want to obligate the user to run it like this:
sudo python3 script.py
and not like this:
python3 script.py
How can I do verify in run time if it was run correctly or not (if so end program using sys.exit())?
Check out this topic:
What is the best way for checking if the user of a script has root-like privileges?
It has a bunch of solutions that you might find helpful.
This question already has answers here:
Using sudo with Python script
(14 answers)
Closed 3 years ago.
Sorry, I am new to python and I need to make a python script, to run some terminal commands. Normal commands are ok. But, the problem is with sudo commands. For example: I need to run:
sudo -i
So, I tried the following code.
import os
os.system("sudo -i")
This code is executing the command, but in terminal, it is asking for password. So, is it possible to add the password with the command in the script, so that, it won't ask for passwords? For example: if my password is "MYPASS12", how can I add it in the code, so it won't make problem.
-S flag makes sudo read from STDIN
echo mypassword | sudo -S command
But it is better to check if your script is run by root rather than echoing the password.
I am running my python in ubuntu and trying to make a script that communicates with the shell. My script is simple
import os
os.system('sudo su - xyz')
when I run the script and try to login xyz, it asks for the password in my shell. But how do I send the password via the python script and just login.? Is there a better way to do this ?
Piping a hardcoded password into stdin so that you don't have to input it for a command which requires sudoer privileges is overthinking it (in addition to being highly insecure).
Just assume in your Python script that you are root (i.e. don't execute commands with sudo).
import os
os.system('su - xyz')
Then launch your Python script with sudo.
$ sudo python foo.py
Unless you have some weird requirements, this is the most natural way to do it.
You can try piping the password into the commandline string.
NOTE: This is VERY insecure. Anyone has access to your python script will know your password and can get a hold of your system.
import os
password = 'ABCDEFG'
os.system('echo {} | sudo -S su - xyz'.format(password))
EDIT: Note adding echo and -S to sudo, so it can accept password from a pipe
My system is setup to allow for a certain user to run sudo commands without password prompting. This has been working fine for ages. Now I come across a very unusual problem, where certain commands are prompting for a sudo password. I think this is because fabric is parsing the output and decides that a password is being requested on the far end.
But, actually, this is wrong! No password is being requested (I can run the same command just fine with ssh, no passwords prompted). I have at least identified the command ps -ef as problematic, I think because of the kind of output that is being produced.
In fact, the command ps -ef is also showing the command that fabric is using to run this command on the far end, and I think this is confusing fabric. It is probably thinking that a sudo in the output means password is needed. This is the part of the output which is blocking fabric to prompt for a password:
[aaaa#bbbb:22] out: aaaa 9917 9790 0 15:10 ? 00:00:00 sshd: aaaa#notty
[aaaa#bbbb:22] out: root 9918 9917 0 15:10 ? 00:00:00 sudo -S -p sudo password:
Is it possible to tell fabric no to parse the output at all, or at least not to prompt for a password?
try setting your shell to false before calling your command.
env.shell = False