0

So I have a pyGTK app going on nicely, but it requires sudo permission (under Linux) to perform a BASH operation.
If I prompt for a password using a GUI, is there any way I can do my BASH stuff without sudo asking the user for a password in the console?

# example
# ...
from os import system
# ...
system("sudo mkdir /dev/home")

Given a password, and using pyGTK, how could I run that system() operation without even touching a terminal?

Thank-you.

ps; ive seen this done in Tk, but the code was too obfuscated to make out what the heck they did...
If you've got time to kill; check out KleanSweep (its a KDE app). When you start it, it asks for your root password and then it does what it needs to.

3
Contributors
5
Replies
6
Views
8 Years
Discussion Span
Last Post by 1337455 10534
0

I've looked at kleansweep and it doesn't prompt me for a root password. However I believe this is probably done not by kleansweep but by KDE. In the KDE menu editor (Under System) you can add or edit a program entry and tell KDE to run that program as a different user. If root is chosen this will then prompt for the password when it is ran. You could do this for your python program creating a KDE menu entry for "python /your/path/your_script.py"
for example and tell KDE to run this as user root. This will then prompt for a password at program launch.

0

I'm running GNOME :D.
Did you try to actually remove anything with KleanSweep? Because it still prompts for a password when I use it (if you do, make sure to back up).

One more thing, did you run KS as root?
Also, I was hoping to make my program portable (so it wont depend on Kconf or Gconf, w/e)

0

When I start kleansweep it warns me that I must run it as root to delete all files and no - I never run things as root.
I've been playing around with another way of achieving this.

I created a bash shell script that called the python script "python /home/test/makdir.sh" and added this to the sudoers file with a NOPASSWD entry. I then aliased "sudo /home/test/makdir.sh to makdir.sh. I altered th python program so it just called "system('mkdir /dev/test'" - no need for the sudo as the whole thing was sudoed.

Now just typing /home/test/makdir.sh from the terminal willl run the script as root and create the directory without a password.

The same could probably be achieved by making a sudoers entry for "python /home/test/makdir.py" NOPASSWD missing out the need for a bash script altogether.

I've also tried SETUID mods on the python file and the bash script with no luck - the above methods work though.

I don't know a way of escalating privileges from within python itself but I doubt if this is possible as it would be highly dangerous.

Personally - I hate sudo and would alias a program requiring root privileges to "su -c program" letting the user type in a password or "Run as root" from my DE, again requiring a user password. I don't know Gnome but I assume a menu item could be created to "run as another user" requiring a password as it can in KDE.

0

Reading this it seem the requirement is to only use GUI to prompt for the password and use sudo functinality. Have you thought of calling gksu instead of sudo - gksu is a gtk frontend to sudo? i.e.:

# example
# ...
from os import system
# ...
system("gksu mkdir /dev/home")

HTH

0

Sudo has its uses, overall I think its important, though it can be a pain.
Let me stress that this has to be portable. I can't randomly create scripts like that on multiple-users computers. People will be concerned.
Right now, I have a script that detects the DE and then accordingly either uses gksu, kdesu or upon failed detection, sudo, to launch my app. There is a nice box where the user enters their password, and then the script launches my app as a root process. I would rather contain it in 1 program.
I've heard people say that launching graphical apps with sudo may cause X to 'bork', so I normally don't do that, but I just need to execute CLI apps.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.