I received a project recently and I am wondering how to do something in a correct and secure manner.
The situation is the following:
There are classes to manage linux users, mysql users and databases and apache virtual hosts. They're used to automate the addition of users in a small shared-hosting environnement. These classes are then used in command-line scripts to offer a nice interface for the system administrator.
I am now asked to build a simple web interface to offer a GUI to the administrator and then offer some features directly to the users (change their unix password and other daily procedures).
I don't know how to implement the web application. It will run in Apache (with the apache user) but the classes need to access files and commands that are only usable by the root user to do the necessary changes (e.g useradd and virtual hosts configuration files). When using the command-line scripts, it is not a problem as they are run under the correct user. Giving permissions to the apache user would probably be dangerous.
What would be the best technique to allow this through the web application ? I would like to use the classes directly if possible (it would be handier than calling the command line scripts like external processes and parsing output) but I can't see how to do this in a secure manner.
I saw existing products doing similar things (webmin, eBox, ...) but I don't know how it works.
PS: The classes I received are simple but really badly programmed and barely commented. They are actually in PHP but I'm planning to port them to python. Then I'd like to use the Django framework to build the web admin interface.
Thanks and sorry if the question is not clear enough.
EDIT: I read a little bit about webmin and saw that it uses its own mini web server (called miniserv.pl). It seems like a good solution. The user running this server should then have permissions to modify the files and use the commands. How could I do something similar with Django? Use the development server? Would it be better to use something like CherryPy?
Hello
You can easily create web applications in Python using WSGI-compliant web frameworks such as CherryPy2 and templating engines such as Genshi. You can use the 'subprocess' module to manadge external commands...
You can use sudo to give the apache user root permission for only the commands/scripts you need for your web app.
Related
I've never worked with Django before so forgive me if a question sounds stupid.
I need to develop a web application, but I do not want to deploy it on a server. I need to package it, so that others would "install" it on their machine and run it. Why I want to do it this way? There are many reasons, which I don't want to go into right now. My question is: can I do it? If yes, then how?
This is possible. However, the client machine would need to be equipped with the correct technologies for this to work.
When you launch a web app on a server (live), the server is required to have certain settings and installs. For example, a Django web app: the server must have a version of Django installed.
Hence, whichever machine is running your web app, must have Django installed. It presumably also needs to have the database too. It might be quite a hassling process but it's possible.
Just like as a developer, you may have multiple users working on 1 project. So, they all need to have that project 'installed' on their devices so they can run it locally.
You need to either use a python to executable program, with Django already in it. The website files you can place into the dist folder or whatever folder has the executable in it. Then you can compress it and share it with others (who have the same OS as you).
For an example:
You have this script in Django (I'm too lazy to actually write one), and you want to share it with someone who doesn't have Python and Django on his/her computer.
Yesterday I have found information about G-WAN server.
I have searched many websites but I couldn't discover how to run frameworks like Web2Py which is more complex then simple hello.py file.
Is there an easy way to do this?
Maybe uWSGI support?
G-WAN supports the CGI interface, so the CGI environment variables are already there. Usually, Web frameworks are built over this layer.
If uWSGI provides more environment variables that are needed for your project then please drop us a line at gwan.com to explain more precisely what you need.
For very simple, internal web-apps using ASP I was able to just switch IIS 'on' and then write some ASP scripts in the www directory that would start working immediately.
Is there an equivalent webserver app for Python scripts that I can run that will automatically start serving dynamic pages (python scripts) in a certain folder (with virtually no configuration)?
Solutions I've already found are either too limited (e.g. SimpleHTTPRequestHandler doesn't serve dynamic content) or require configuring the script that does the serving.
There's always CGI. Add a script mapping of .py to "C:\Python27\python.exe" -u "%s" then drop .py files in a folder and IIS will execute them.
I'd not generally recommend it for real work—in the longer term you would definitely want to write apps to WSGI, and then deploy them through any number of interfaces including CGI—but it can be handy for quick prototyping.
For development or just to play around, here's an example using the standard Python library that I have used to help friend who wanted to get a basic CGI server up and running. It will serve python scripts from cgi-bin and files from the root folder. I'm not near a Windows computer at the moment to make sure that this still works. This also assumes Python2.x. Python 3.x has this, it's just not named the same.
Make a directory on your harddrive with a cgi-bin folder in it (Ex. "C:\server\cgi-bin")
In a command window, navigate to "C:\server" directory
Type the following assuming you've installed python 2.7 in C:\Python27:
"c:\python27\python.exe -m CGIHTTPServer"
You should get a message like "Serving HTTP on 0.0.0.0 port 8000"
Linux is the same - "python -m CGIHTTPServer" in a directory with a cgi-bin/ in it.
WSGI setups are fairly easy to get started, but in no anyway turn key. django MVC has a simple built in development server if you plan on using a more comprehensive framework.
My limited experience with Python web frameworks has taught me that most go to one extreme or the other: Django on one end is a full-stack MVC framework, that will do pretty much everything for you. On the other end, there are Flask, web.py, CherryPy, etc., which do much less, but stay out of your way.
CherryPy, for example, not only comes with no ORM, and doesn't require MVC, but it doesn't even have a templating engine. So unless you use it with something like Cheetah, you can't write what would look like .asp at all.
My goal is to use to make it easy for non-programmers to execute a Python script with fairly complex options, on a single local machine that I have access to. I'd like to use the browser (specifically Safari on OS X) as a poor man's GUI. A short script would process the form data and then send it on to the main program(s).
I have some basic examples of python scripts run using the built-in Apache server, by clicking submit on a form whose html is th:
e.g. here. What I want to do now is do it without the server, just getting the form to invoke the script in the same directory. Do I have to learn javascript or ...? I'd be grateful for any leads you have. Thanks.
It doesn't make sense -- what a browser does when it submits a form by definition is to make a request to a web server.
If all that's going on is that you don't want to be running Apache, you could hook something simple up using the CGIHTTPServer class that's provided as part of the Python Standard library.
If you don't want a server process at all, and you're using a suitably modern browser, you may want to look at using HTML5 local storage, but that's not a Python solution.
Well, there always has to be some kind of "server" involved to communicate over HTTP. You could have a python script listening on port 80 on your machine, that in turn runs the scripts specified with the form's action attribute.
You won't get away without some sort of server, I'm afraid.
PS: There are already a couple of good minimalistic python HTTP servers that would do the trick. Just google for it.
Regards, aefxx
Pyjamas Desktop will allow you to deploy a browser-based desktop application.
How can we call the CLI executables commands using Python
For example i have 3 linux servers which are at the remote location and i want to execute some commands on those servers like finding the version of the operating system or executing any other commands. So how can we do this in Python. I know this is done through some sort of web service (SOAP or REST) or API but i am not sure....... So could you all please guide me.
Depends on how you want to design your software.
You could do stand-alone scripts as servers listening for requests on specific ports,
or you could use a webserver which runs python scripts so you just have to access a URL.
REST is one option to implement the latter.
You should then look for frameworks for REST development with python, or if it’s simple logic with not so many possible requests can do it on your own as a web-script.
Maybe you should take a look at Pushy, which allows to connect to remote machines through SSH and make them execute various Python functions. I like using it because there are no server-side dependencies except the SSH server and a Python interpreter, and is therefore really easy to deploy.
Edit: But if you wish to code this by yourself, i think SOAP is a nice solution, the SOAPpy module is great and very easy to use.
You can use Twisted,
It is easy create ssh clients or servers.
Examples:
http://twistedmatrix.com/documents/current/conch/examples/