pexpect with apache

half.italian at gmail.com half.italian at gmail.com
Thu Oct 19 16:27:24 EDT 2006


Thank you both for your help.  I don't know why I didn't think of that
before.  I had the expect mindset, and was determined to get it working
that way.

I added an entry for sudo for the script and it works without a hitch.
I'm still curious to know what was going on to disallow the
authentication in pexpect.  I had added 'www' to user 'admin', and
could su to root from the command line, so I don't think that was it.
Maybe it was a timing error, ie pexpect fired off the password too soon
or too late, or something in the apache environment that just
disallowed becoming root for security reasons.

Problem solved.

~Sean

martdi wrote:
> Since it wont require pyexpect, and based on the operations you
> accomplish with your python script, maybe that a bash script instead of
> a python one might be the best tool for the job you're trying to
> accomplish.
>
>
> martdi wrote:
> > Sudo is probably the best solution here, since in the file sudo.conf
> > you could restrict the www user only to the python script that requires
> > it.
> >
> > Also, using either sudo or the setuid flag would remove the need of
> > pexpect since all the commands will be run as the designated user.
> >
> > for setuid flag:
> > chmod u+s pythonScript.py
> > chown root pythonScript.py
> >
> > for the sudo solution, add an entry to /etc/sudo.conf or /etc/sudoers ,
> > depending on distro:
> > the syntax for a line in sudo.conf is:
> >     user hostlist = (userlist) commandlist
> >
> > so you might want to add:
> >     www localhost = NOPASSWD: /var/www/htdocs/pythonScript.py
> >
> > note:
> >     Replace the /var/www/htdocs/pythonScript.py with the path to where
> > your script is
> >     the NOPASSWD: is a flag that tells sudo that no password is
> > required
> >
> > Lee Harr wrote:
> > > > Well, first i don't think it is a good idea to have the python script
> > > > tu su to root, but for it to work, i think (Totally unsure about that)
> > > > www has to be in group wheel to be able to su.
> > > 
> > > 
> > > Maybe sudo can help here.




More information about the Python-list mailing list