I've written a fan control script in Lua, and I'm running Linux. The fan control needs to write to /sys/ so I need to be super user.
I want to inform the user if they are NOT super user. What's the best way to go about doing this?
The only certain test is to check whether the POSIX geteuid() call returns zero.
For this you may have to use a Lua library like luaposix.
Or you can shell out and run id -u to see if it outputs 0.
Since it's Linux, you can try this, which is stock Lua and does not need additional libraries:
function running_as_root()
local f=io.open"/root"
if f==nil then return false else io.close(f) return true end
end
But why not just try to write to /sys/ and report failure if that happens?
best thing to do is just report failure: you could have a system where other users than root have access to sysfs.
fd = assert(io.open("/sys/...."))
Related
I managed to install windows based network printer with python3 on ubuntu.
For better coding, I want to check first if the file with the drivers in it exists after the download. I know it is possible with os.path.isfile or something like that but I would like to do that with subprocess although os will not be supported in the future anymore.
So how do I do it? With subprocess.call or something like that?
to check for a file to be present, You ideally use pathlib, which is the pythonic and portable way to interact with the filesystem.
But to avoid Time of Check to Time of Use Errors (TOCTTOU) You should consider:
Instead of :
if check_printer_present():
# now, after checking the printer is present,
# the printer might go offline
use_printer()
better use:
try:
use_printer()
except PrinterError():
printer_error_cleanup()
see:
https://de.wikipedia.org/wiki/Time-of-Check-to-Time-of-Use-Problem
You might remember that idiom as :
it's better to ask forgiveness than permission
(t is better to act decisively and apologize for it later
than to seek approval to act and risk delay, objections, etc.)
We have a python script that needs to trigger the open of the Microsoft Store. We believe that the easiest way to do that is to use the ms-windows-store:// protocol.
We're currently doing that like this
import subprocess
ret = subprocess.call(["start", "ms-windows-store://pdp/?ProductId=9WZDNCRFHVJL"], shell=True)
Is that the recommended way to do this? I'm not sure if using start is correct here, or if there's something better?
Use os.startfile("ms-windows-store://pdp/?ProductId=9WZDNCRFHVJL"). This calls WINAPI ShellExecuteW directly. If you use subprocess, you have the expense of starting a child process. Plus CMD's start command will first search PATH to find a file that it can execute. Presuming nothing is found (and nothing likely will be, given this name), it hands the request off to ShellExecuteExW to let the OS shell handle it.
we are interested in blocking isrddn for some of the users. We are trying to do it without creating a shell of our own, is there something inside isrddn that will help? What is the easiest way to do it? Thank you!
You can utilize Exit 3/4 (SELECT start and end exits). Exit 3 could be used to check for SELECT PGM(ISRDDN) and then do some sort of authorization check to see if the user is allowed to run the pgm. If not set rc=8 (or 16) to terminate the SELECT service with an authorization failure.. This would be how to do it using ISPF. There might be ways via your security software as well. A SELECT PGM(ISRDDN) will generate a LINK SVC for ISRDDN, so a hook in the LINK macro could do security checks.
ISRDDN does a lot more than just the LISTALC function as can be seen by checking the tutorial. Keep in mind that ISPF is not authorized code and a "smart" programmer could write their own routines to do the same thing.
What I mean by this is:
I have a program. The end user is currently using it. I submit a new piece of source code and expect it to run as if it were always there?
I can't find an answer that specifically answers the point.
I'd like to be able to say, "extend" or add new features (rather than fix something that's already there on the fly) to the program without requiring a termination of the program (eg. Restart or exit).
Yes, you can definitely do that in python.
Although, it opens a security hole, so be very careful.
You can easily do this by setting up a "loader" class that can collect the source code you want it to use and then call the exec builtin function, just pass some python source code in and it will be evaluated.
Check the package
http://opensourcehacker.com/2011/11/08/sauna-reload-the-most-awesomely-named-python-package-ever/ . It allows to overcome certain raw edges of plain exec. Also it may be worth to check Dynamically reload a class definition in Python
I'm working on an application controller for a program that is spitting text directly to /dev/tty.
This is a production application controller that must be able to catch all text going to the terminal. Generally, this isn't a problem. We simply redirect stdout and stderr. This particular application is making direct calls to echo and redirecting the result to /dev/tty (echo "some text" > /dev/tty). Redirects via my application controller are failing to catch the text.
I do have the source for this application, but am not in a position to modify it, nor is it being maintained anymore. Any ideas on how to catch and/or throw away the output?
screen -D -m yourEvilProgram
should work. Much time passed sinced I used it, but if you need to read some of its output it could even be possible that you could utilize some sockets to read it.
[Added: two links, Rackaid and Pixelbeat, and the home page at GNU]
The classic solution to controlling an application like this is Expect, which sets up pseudo-terminals, does logging, and drives the controlled application from a script. It comes with lots of sample scripts so you can probably just adapt one to fit your needs.
This is what I did in python
import pty, os
pid, fd = pty.fork()
if pid == 0: # In the child process execute another command
os.execv('./my-progr', [''])
print "Execv never returns :-)"
else:
while True:
try:
print os.read(fd,65536),
except OSError:
break
I can't quite determine whether the screen program mentioned by #flolo will do what you need or not. It may, but I'm not sure whether there is a logging facility built in, which appears to be what you need.
There probably is a program out there already to do what you need. I'd nominate sudosh as a possibility.
If you end up needing to write your own, you'll probably need to use a pseudo-tty (pty) and have your application controller sit in between the user's real terminal connection and the the pty device, where it can log whatever you need it to log. That's not trivial. You can find information about this in Rochkind's "Advanced UNIX Programming, 2nd Edn" book, and no doubt other similar books (Stevens' "Advanced Programming in the UNIX Environment" book is a likely candidate, but I don't have a copy to verify that).