I'm working on a cross-platform installation utility written in Java. I would like to be able to execute shell commands, for example "apt-get ..." on Linux. I'm using the ProcessBuilder API for this purpose.
Unfortunately, some commands require root privileges. I would like to execute the following shell command as root:
bash -c apt-get install -y [some package]
If I try to add "sudo" before "apt-get" nothing works because there is no terminal "sudo" can get the password from.
What should I do in order to ask the user for a password and then execute the above mentioned shell command?
A short code snippet would be very appreciated!
Thanks in advance!
Max
You could run gksudo <your command> but this ties your application to a certain UI, e.g. gnome, kde, etc.
You could write all the the root-tasks to a scriptfile and ask the user to execute it with root privileges. I know this sounds clumsy, but its done that way by quite a lot of "enterprise level" software vendors (e.g. the (Java-) installer of the Oracle RDBMS at least up to 11g).
Related
I researched this question and all answers suggest visudo to add:
Defaults:user !requiretty
It does not work!
I have two Linux boxes (RedHat). I have a Java class which uses ProcessBuilder/Process to execute commands. The class runs under a system account.
On both boxes, I run
su other-user -c 'some-command'
and provide the password for other-user in an input stream to the Process object.
On one box, the command succeeds and on the other I get the error above.
The sudoers files on both machines did not have exclusions for requiretty ('Defaults requiretty' is set on both files).
I tried adding the exclusion as suggested by the answers I found. I tried both the system user running the process and 'other-user'...
Does not work.
What else can be the issue? Do I need to restart the system after adding the requiretty exceptoin(s)?
sudoers is for sudo rather than su so you should use sudo.
According to su manual:
-c, --command COMMAND
Specify a command that will be invoked by the shell using its -c.
The executed command will have no controlling terminal. This option cannot be used to execute interactive programs which need a controlling TTY.
you can use a TTY spawning if you are trying to avoid using sudo or you don't have a sudo privileges.
Just invoke one of the following codes before running the code which giving you the error you mentioned.
here are some examples of codes you can use, depends on the code or the system you are using:
python -c 'import pty; pty.spawn("/bin/sh")'
echo os.system('/bin/bash')
/bin/sh -i
perl —e 'exec "/bin/sh";'
perl: exec "/bin/sh";
ruby: exec "/bin/sh"
lua: os.execute('/bin/sh')
(From within IRB)
exec "/bin/sh"
(From within vi)
:!bash
(From within vi)
:set shell=/bin/bash:shell
(From within nmap)
!sh
the first three choices up are my common used ones, and I am trusting their results.
I am using them while pentesting.
As an introduction, let's just say I'm a real noob using linux. I try to do the things right, don't hit me if it's ugly.
So, the problematic. I'm trying to run some jars as webservices on an ubuntu server. I created a specific user (nuxservice) with no pwd. I edited sudoers to enable a few users (myself & root) to sudo using this account with no password.
I then took a lot of inspiration from : http://www.jcgonzalez.com/linux-java-service-wrapper-example
Most is working, only one real problem, my java process seems to not have the right to create its logging files.
I run my services with a classic
sudo service myservice start/stop/restart
The command line that are launching my services are :
nohup sudo -u nuxservice java -jar myjar.jar myargs
When I do a ps -ef, the services are launches with my nuxservice user.
When I do ls -ld, nuxservice is the owner and have the rights.
If I launch the command in a terminal myself, it works. When launching as a service, my logs files are not created.
Any clues mates ?
So...
It was kinda silly.
My user rights were fine. Problem is, I did not set the working folder in my script so Java was all lost considering the creation of the folder/files for logging.
All I had to do was adding a little
cd $PATH_TO_JAR
And it was all set !
I am currently writing my master thesis and want to use this unofficial google api to automatically download some search queries.
https://github.com/elibus/j-google-trends-client/blob/master/README.md
I am very new to this stuff, so I would need some help to specify some inputs to get the data I need.
I have a list of queries in the same folder as the .jar which I want to use as imput for the API. But I fail to tell the program to use this folder as I do not know the proper command.
The creator of this API told me that the following would work on Linux (I use windows 8.1 (unfortunately)) but I could not transfer it to comands appropriate for my system.
for i in cat query_list.txt;do java -jar
java -jar j-google-trends-client.jar -u user -p pass -q "$i";done
More specifaclly, i got the msg that "i was unexpeted in that place". Does someone know that have to do?
Help would be much appreciated!
Thanks a lot and best regards
Micha
Those linux programs don't exist in Windows. Perhaps the following works (Java has to be in your path variable):
for /F "tokens=*" %A in (query_list.txt) do java -jar j-google-trends-client.jar -u user -p pass -q %A
I used How to do multiple things to each file in a directory with a batch script for this.
I am using tcl.lang.Interp.eval() to execute a "hello world" tcl script. The command used to execute the script is something like this-
source /path/of/my/script.tcl
Now how do I execute the script as sudo user as we cannot execute source using sudo through java program?
You can run tclsh (the “mothership” implementation of Tcl, written in C) from inside sudo just fine, or you can run a JVM which uses the TclJava library. However, sudo runs whole processes with elevated privileges and not just a library; you need to think in terms of creating a program that will do what you want, possibly with suitable arguments passed in.
FWIW, I'd start by trying:
sudo tclsh /path/of/my/script.tcl
That's going to be the simplest if it works; it's how tclsh is designed to be used (plus sudo). It's only unsuitable if the script requires access to an in-process JVM. If that's the case, you're probably going to have to write a small wrapper Java program.
I have a Java application executed from a ([ba]sh) shell script and unfortunately sometimes the people responsible for deploying it and starting it fail to switch to the appropriate user before starting the application. In this situation I'd like the application to not run at the very least, and ideally issue a warning not to do that. I thought about trying to alias java or change the path for root to include a fake java which does so, but this might have undesirable side effects and isn't going to be effective easily since the shell script specifies the full path to the java binary.
So, is there a standard idiom in shell scripts for 'don't run if I'm root'?
Example in bash:
if [ `id -u` = 0 ]; then
echo "You are root, go away!"
exit 1
fi
In BASH, you can take the output of whoami and compare it to root.
I use something like this at the beginning of scripts that I want to
be run under a service account:
LUSER='my-service'
if [ `id -un` != $LUSER ]; then
exec su $LUSER -s $SHELL -c "$0 $#"
fi
# actual script commands here.
If run as the correct user, execution will continue as planned. If run
as root, privileges are dropped to the wanted user-id. Other users
will get a password prompt which should tell them that something is
wrong.
su -s $SHELL ... is used to override the shell set in /etc/passwrd
-- it may be set to /bin/false for the service account.
I have used this on Debian systems, using bash and dash. Feel free
to comment if portability can be improved.