So I have a pyGTK app going on nicely, but it requires sudo permission (under Linux) to perform a BASH operation.
If I prompt for a password using a GUI, is there any way I can do my BASH stuff without sudo asking the user for a password in the console?

# example
# ...
from os import system
# ...
system("sudo mkdir /dev/home")

Given a password, and using pyGTK, how could I run that system() operation without even touching a terminal?

Thank-you.

ps; ive seen this done in Tk, but the code was too obfuscated to make out what the heck they did...
If you've got time to kill; check out KleanSweep (its a KDE app). When you start it, it asks for your root password and then it does what it needs to.

Recommended Answers

All 5 Replies

I've looked at kleansweep and it doesn't prompt me for a root password. However I believe this is probably done not by kleansweep but by KDE. In the KDE menu editor (Under System) you can add or edit a program entry and tell KDE to run that program as a different user. If root is chosen this will then prompt for the password when it is ran. You could do this for your python program creating a KDE menu entry for "python /your/path/your_script.py"
for example and tell KDE to run this as user root. This will then prompt for a password at program launch.

I'm running GNOME :D.
Did you try to actually remove anything with KleanSweep? Because it still prompts for a password when I use it (if you do, make sure to back up).

One more thing, did you run KS as root?
Also, I was hoping to make my program portable (so it wont depend on Kconf or Gconf, w/e)

When I start kleansweep it warns me that I must run it as root to delete all files and no - I never run things as root.
I've been playing around with another way of achieving this.

I created a bash shell script that called the python script "python /home/test/makdir.sh" and added this to the sudoers file with a NOPASSWD entry. I then aliased "sudo /home/test/makdir.sh to makdir.sh. I altered th python program so it just called "system('mkdir /dev/test'" - no need for the sudo as the whole thing was sudoed.

Now just typing /home/test/makdir.sh from the terminal willl run the script as root and create the directory without a password.

The same could probably be achieved by making a sudoers entry for "python /home/test/makdir.py" NOPASSWD missing out the need for a bash script altogether.

I've also tried SETUID mods on the python file and the bash script with no luck - the above methods work though.

I don't know a way of escalating privileges from within python itself but I doubt if this is possible as it would be highly dangerous.

Personally - I hate sudo and would alias a program requiring root privileges to "su -c program" letting the user type in a password or "Run as root" from my DE, again requiring a user password. I don't know Gnome but I assume a menu item could be created to "run as another user" requiring a password as it can in KDE.

Reading this it seem the requirement is to only use GUI to prompt for the password and use sudo functinality. Have you thought of calling gksu instead of sudo - gksu is a gtk frontend to sudo? i.e.:

# example
# ...
from os import system
# ...
system("gksu mkdir /dev/home")

HTH

Sudo has its uses, overall I think its important, though it can be a pain.
Let me stress that this has to be portable. I can't randomly create scripts like that on multiple-users computers. People will be concerned.
Right now, I have a script that detects the DE and then accordingly either uses gksu, kdesu or upon failed detection, sudo, to launch my app. There is a nice box where the user enters their password, and then the script launches my app as a root process. I would rather contain it in 1 program.
I've heard people say that launching graphical apps with sudo may cause X to 'bork', so I normally don't do that, but I just need to execute CLI apps.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.