pexpect with apache

martdi martin.dion at gmail.com
Wed Oct 18 16:16:50 EDT 2006


Well, first i don't think it is a good idea to have the python script
tu su to root, but for it to work, i think (Totally unsure about that)
www has to be in group wheel to be able to su.

An other way to make your script run as root is to set the setuid bit
on your python script to make it run as root, without using su.


half.italian at gmail.com wrote:
> Hi all.  I try not to post until I am stuck in hole with no way out.  I
> fought with this for several hours, and am currently in the hole.
>
> I'm doing a proof of concept for creating afp shares dynamically
> through a web interface from a client machine.  I use a bit of php to
> setup a simple form, and then have the php execute my python script on
> the server.  The python script tries to 'su' to root to create the
> share, create dirs, set perms, etc
>
> The python script alone works fine as 'www'.  I can become 'www',  run
> it from the command line and the share is made.  But when I try to have
> the web server execute it, I continually get a password failure.  I'm
> positive the password is correct.
>
> Any ideas?
>
> ~Sean D
>
> ~~~~~~~~~~~test.py
> #! /usr/bin/env python
>
> import commands, os, P, pexpect
>
> sharename = sys.argv[1]
>
> root = "/Users/Shared"
> sharepath = os.path.join(root, sharename)
> password = P.P()
>
> COMMAND_PROMPT = '[$%#]'
> child = pexpect.spawn('su')
> i = child.expect([pexpect.TIMEOUT, '[Pp]assword:'], timeout=1)
> child.sendline(password.Decrypt(password.sean))
>
> i = child.expect (['su: Sorry', COMMAND_PROMPT])
>
> if i == 0:
> 	print 'Password not accepted'
> 	sys.exit(1)
> else:
> 	print "Making dir: %s" % sharepath
> 	child.sendline("mkdir %s" % sharepath)
> 	i = child.expect([pexpect.TIMEOUT, COMMAND_PROMPT] ,timeout=1)
> 	print "Setting group to 'audio'"
> 	child.sendline("chgrp audio %s" % sharepath)
> 	i = child.expect([pexpect.TIMEOUT, COMMAND_PROMPT] ,timeout=1)
> 	print "setting owner to 'audio01'"
> 	child.sendline("chown audio01 %s" % sharepath)
> 	i = child.expect([pexpect.TIMEOUT, COMMAND_PROMPT] ,timeout=1)
> 	print "Opening permissions"
> 	child.sendline("chmod 777 %s" % sharepath)
> 	i = child.expect([pexpect.TIMEOUT, COMMAND_PROMPT] ,timeout=1)
> 	print "sharing -a %s -s 100" % sharepath
> 	child.sendline("sharing -a %s -s 100" % sharepath)
> 	i = child.expect([pexpect.TIMEOUT, COMMAND_PROMPT] ,timeout=1)
> 	sys.exit(0)
>
> ~~~~~~~~~~~test.php
> <html>
> <body>
> <?php
>
> if (isset($_GET['sharename'])) {
> 	$last_line = system("/Users/Shared/test.py {$_GET['sharename']}",
> $retval);
> 	if ($retval == 0) {
> 		echo "<br><h2>Mount afp://xxx.xxx.xxx.xxx/{$_GET['sharename']}</h2>";
> 	} else {
> 		echo "<br><h2>Failed creating share!</h2>";
> 	}
> } else {
>
> 	echo "<form action='test.php'>";
> 	echo "<table>";
> 	echo "<td>Name of share:</td><td><input type='text'
> name='sharename'></td>";
> 	echo "</table></form>";
> }
> 
> ?>
> </body>
> </html>




More information about the Python-list mailing list