pexpect with apache

martdi martin.dion at gmail.com
Thu Oct 19 00:16:40 CEST 2006


Sudo is probably the best solution here, since in the file sudo.conf
you could restrict the www user only to the python script that requires
it.

Also, using either sudo or the setuid flag would remove the need of
pexpect since all the commands will be run as the designated user.

for setuid flag:
chmod u+s pythonScript.py
chown root pythonScript.py

for the sudo solution, add an entry to /etc/sudo.conf or /etc/sudoers ,
depending on distro:
the syntax for a line in sudo.conf is:
    user hostlist = (userlist) commandlist

so you might want to add:
    www localhost = NOPASSWD: /var/www/htdocs/pythonScript.py

note:
    Replace the /var/www/htdocs/pythonScript.py with the path to where
your script is
    the NOPASSWD: is a flag that tells sudo that no password is
required

Lee Harr wrote:
> > Well, first i don't think it is a good idea to have the python script
> > tu su to root, but for it to work, i think (Totally unsure about that)
> > www has to be in group wheel to be able to su.
> 
> 
> Maybe sudo can help here.




More information about the Python-list mailing list