Reputation: 41
Run sh file as root in python file
i´m trying to run an .sh file from my python skript to manually start a synch process with clone.
is there an easy way?
I tryed:
os.system('sudo su')
os.system('cd /home/pi/Desktop/webcam')
os.system('./clone.sh')
but after the first comand nothing happens.
Thanks
Upvotes: 0
Views: 126
Answers (2)
Reputation: 20593
Each system() call forks off a child process
and then waits for it to finish.
The child does stuff and then exits.
Your initial su changed UID to zero in the child,
and then it exited, so the zero UID was lost with death of the child.
The cd then changed CWD in the child,
and when it exits, again we find there's no effect on the parent
and no effect on subsequent commands.
By the time you run the clone script,
it's running with wrong UID and wrong CWD.
You want this:
os.chdir('/home/pi/Desktop/webcam')
os.system('sudo ./clone.sh')
(Or perhaps sudo bash clone.sh, if there's no
#! shebang.)
EDIT
Feel free to limit the CWD change to just the child, if desired.
folder = '/home/pi/Desktop/webcam'
os.system(f'sudo bash -c "cd {folder} && ./clone.sh"')
Upvotes: 0
Reputation: 44
Two separate thoughts here.
Firstly - you are running THREE different commands - and the first one does 'sudo su' and then finishes, there is nothing left over when the os.system() call finishes. Then the second and third ones run as whatever user is running the python, and then finish.
If you want to do it this way, then you need to run a single command in the right directory.
# Set the active directory for future os.system commands
os.chdir('/home/pi/Desktop/webcam')
# Run the ./clone.sh script using sudo
os.system('sudo bash ./clone.sh')
If clone.sh is robust, and knows what directories it has to clone, then you might be able to just do
os.system('sudo bash /home/pi/Desktop/webcam/clone.sh')
This assumes that your /etc/sudoers allows this python code to run that script as root.
The second thought - is that this might not be the most secure way to do thing. Having your python code running a script that has root access might allow a remote attacker an entry path into your server.
Is there a reason why the clone action needs to happen as root ? Can you setup the permissions on the files so that this python user can run clone without needing sudo ?
If this is a small piece of code - then it may not be worth breaking apart the roles - but if this is production code - and you really need the clone action to happen as root, then it might be worth having the root level actions happen in one process, and the non-root actions happen in this process.
Imagine that you have a cron script that runs every minute and runs a slightly smarter clone.sh script, and the start of the clone.sh script looks for /home/pi/Desktop/webcam/data/clone-request-timestamp.txt ( I just made up that filename) , and if the time/date on that text file is old, then the clone script exits.
However - if the timestamp is fresh - and there isn't an existing clone running - then the clone script does it's job.
In this scenario - the python code is signaling that the clone.sh script needs to run by changing a timestamp on the file - the python code is never running anything as root.
There are a lot of different patterns for how to keep the separation of permissions/duties - take the suggestion above as an example - rather than necessarily the best way for your usecase.
Upvotes: 0
Related Questions
- How do I merge two dictionaries in a single expression in Python?
- What does the "yield" keyword do in Python?
- Does Python have a ternary conditional operator?
- Convert bytes to a string in Python 3
- What is the difference between @staticmethod and @classmethod in Python?
- How slicing in Python works
- How do I check whether a file exists without exceptions?
- What are metaclasses in Python?
- How can I delete a file or folder in Python?
- How do I get the current time in Python?