I am working on app in javafx , I am trying open an application using a command in terminal, I am running the command using my java code my command have some variable it's have path of my installer file which will not always be same because file name can be different as the builds are updated.
here is a sample as how I am running the command it's not the exact command which I am running but the command format is same.
Process process = Runtime.getRuntime().exec("echo password | sudo -S open -a safari");
String line;
BufferedReader input = new BufferedReader(new InputStreamReader(pb.getInputStream()));
while ((line = input.readLine()) != null) {
System.out.println(line);
}
input.close();
The process is not giving any output it stops there and nothing happens.
The same command I have tried from terminal and it works fine.
I have tried the things mention in this link
How to execute bash command with sudo privileges in Java?
but it also didn't worked.
I am also running command like "chmod +x" from my java code these commands runs fine.
my original command looks like this:-
runCommand = "echo" + " " + password + "| sudo -S " + "\"" + a.getAbsolutePath() + "\"" + " --deploymentFile="
+ "\"" + b.getAbsolutePath() + "\"";
where a.getAbsolutePath() is the path of the installer file and b.getAbsolutePath() is the path of the deployment file we used to install the application.
pb.getInputStream()
prints the command and when I copy and paste it is terminal it's runs fine.
pb.getErrorStream()
doesn't give anything.
I have tried running
String[] cmd = {"/bin/bash","-c","echo tester| sudo -S ","\"",a.getAbsolutePath(),"\"","\""," --deploymentFile=","\"",b.getAbsolutePath()};
and
String[] cmd = {"/bin/bash","-c","echo tester| sudo -S",a.getAbsolutePath(),"--deploymentFile=","\"",b.getAbsolutePath()};
also
here I got following error
getErrorStreamusage: sudo -h | -K | -k | -L | -V
getErrorStreamusage: sudo -v [-AknS] [-g groupname|#gid] [-p prompt] [-u user name|#uid]
getErrorStreamusage: sudo -l[l] [-AknS] [-g groupname|#gid] [-p prompt] [-U user name] [-u
getErrorStream user name|#uid] [-g groupname|#gid] [command]
getErrorStreamusage: sudo [-AbEHknPS] [-C fd] [-g groupname|#gid] [-p prompt] [-u user
getErrorStream name|#uid] [-g groupname|#gid] [VAR=value] [-i|-s] [<command>]
getErrorStreamusage: sudo -e [-AknS] [-C fd] [-g groupname|#gid] [-p prompt] [-u user
getErrorStream name|#uid] file ...
sudo
I'd strongly suggest to edit the sudoers file and allow the user running the application to use the specific commands via sudo without prompting for a password instead of doing an echo passwd | sudo ... construction.
That way you avoid storing passwords in the clear (or at best slightly obfuscated) in an application or configuration file, and you avoid the need to call a shell with a shell script that calls sudo, etc.
Sudoers can be edited via the command visudo. See here as an example how it is done on unbuntu, but it's the same on any unix. https://askubuntu.com/questions/159007/how-do-i-run-specific-sudo-commands-without-a-password
Additional ref: https://www.sudo.ws/man/1.8.16/sudoers.man.html
I think you're asking the wrong question though...
Authorization on a mac
On a mac applications that need to perform operations that require additional rights are not supposed to use sudo to start with.
An app is supposed to use the authorization services instead.
References:
Introduction to Authorization Services Programming Guide (apple)
Authorization Services Tasks (apple)
I need to give a java application super user access to view protected files on a mac
Is there any graphical "sudo" for Mac OS X?
I think you must use the full path to the application. This should work:
Runtime rt = Runtime.getRuntime();
rt.exec("echo password | sudo -S open -a /Applications/Safari.app");
Update:
Based on your comment you could try to split the process. The chances are good that open needs an interactive session.
Create a script (e.g. openSafari.sh) that will open Safari as user.
#!/etc/bash
echo $1 | sudo -S open -a /Applications/Safari.app &
Make it executable: chmod +x openSafari.sh, and call that script from java.
Runtime rt = Runtime.getRuntime();
rt.exec("/pathTo/openSafari.sh 'sudoPassword'");
I would NOT recommend doing this - do not shout at me if you break something :)
But what you are asking for can be achieve with:
String[] cmd = {"/bin/bash","-c","echo password | sudo -S open -a <path to app>"};
Process pb = Runtime.getRuntime().exec(cmd);
The Runtime.exec() methods run the given command directly, not via a shell. The particular overload you are using tokenizes the command at whitespace, and interprets the resulting tokens as the name of the command and the arguments. The only command executed by your invocation ...
Runtime.getRuntime().exec("echo password | sudo -S open -a safari");
... is therefore echo; everything else is an argument. The result is the following output to the process's standard output:
password | sudo -S open -a safari
There are at least a couple of ways to accomplish what you appear to want. The simplest modification of your original code would probably be
Process process = Runtime.getRuntime().exec(
new String[] { "bash", "-c", "echo password | sudo -S open -a safari" });
That achieves what you thought you were getting, by explicitly invoking a shell to run the command.
But that's a substantial security risk, because the password will appear in plain text in the process list. You can instead have your Java program feed in the password directly, and then also avoid getting bash involved:
Process process = Runtime.getRuntime().exec("/usr/bin/sudo -S open -a safari");
Writer toSudo = new OutputStreamWriter(process.getOutputStream());
String password = "password";
toSudo.write(password);
toSudo.write('\n'); // sudo's docs demand a newline after the password
toSudo.close(); // but closing the stream might be sufficient
Other considerations:
It is wise to give a full path to the sudo command, as demonstrated, to avoid running a different sudo that happens to be found first in the path. Since you're going to give it the password to a privileged account, it is important to minimize the possibility of running a rogue program.
It would also be wise to avoid storing passwords in the program or in a configuration file; thus, solutions that involve feeding a password to sudo should also involve inputting the password interactively from a user.
Security-conscious Java programs often prefer to keep passwords in char arrays instead of in Strings, so that they can be proactively wiped when no longer needed. Strings cannot be changed, and they may hang around inside the VM indefinitely (even more so than many other objects).
Generally speaking, you need to drain a Process's input and error streams, concurrently, whether you do anything with the contents or not. If you do not do so then the external process may block and / or may fail to exit. That's probably not an issue with safari in particular, however, because I don't think it ordinarily produces any output on those streams.
maybe use this
How to setup a SUDO_ASKPASS environment variable?
You can set the SUDO_PROMPT enviroment variable within the process call
Combine that with the fix to how you're using process jon bollinger, maciej, etc have mentioned.
Then have that bring up a password prompt for your user, or access a pki with your credentials in it. (for the love of god at least aes encrypt it if you go for the pki)
as you've said this is meant to run on others machines, it'll basically be a shitty uac prompt and that doesn't sound like a very mac/linux solution. swa66 is the best way, but this'll do quick and dirty.
I have developed a web app in Java which uses Scrapy to get some data. To reach that, I invoke a shell script from Java:
Process p = Runtime.getRuntime().exec("sh myPath/myScript.sh");
p.waitFor();
which contains
#!/bin/bash
cd mySpiderPath
echo "We are going tu run scrapy"
scrapy crawl mySpider
echo "done!"
After running it, both "echo" are printed but scrapy does nothing. If I run myScript.sh from shell it works perfectly... I'm confused!
What can I do to try to debug this strange behavior?
EDIT
I have changed myScript.sh to run python version instead of scrapy command, and it doesn't work... so, the conclusion is that is not an "scrapy problem" but it is a bash script problem when it's invoked from Java...any ideas? (if I execute myScript.sh from shell it works fine)
#!/bin/bash
cd mySpiderPath
echo "We are going tu run scrapy"
python --version
echo "done!"
Try changing:
Process p = Runtime.getRuntime().exec("sh myPath/myScript.sh");
to:
Process p = Runtime.getRuntime().exec("bash myPath/myScript.sh");
This will probably run the script with /bin/bash instead of /bin/sh, that often points to a simpler shell.
Our server machine runs many java programes. And some of them are launched with the command "java -jar ***.jar". but sometimes I have to stop one to update the class files in it. the problem is how can i fingure out which program is the one i want to stop, or is there a tool I can use to find out the executable jar files' location.
You can use jps command.
$ jps -v
34370 Jps -Dapplication.home=/Library/Java/JavaVirtualMachines/jdk1.8.0_20.jdk/Contents/Home -Xms8m
34341 main -XX:+TieredCompilation -Xbootclasspath/a:/usr/local/Cellar/leiningen/2.5.0/libexec/leiningen-2.5.0-standalone.jar -Dfile.encoding=UTF-8 -Dmaven.wagon.http.ssl.easy=false -Dleiningen.original.pwd=/Users/ntalbs/js-workspace/synapeditor_mobile -Dleiningen.script=/usr/local/bin/lein
jps will display all java processes. The first column is OS pid. You can check the messages on console, then kill what you want. Perhaps you want to check jps document from Oracle.
Also, you can use ps and grep command.
$ ps -ef | grep java
or
$ ps -aux | grep java
I'm essentially trying to accomplish the same result that running the command:
"top -n 1 -s cpu | grep -E 'list_of_package_names'"
on a machine that supports shell features such as piping ( | ) would return. That being the rows that are returned by the top command that contain the package name filtered by grep. Normally pretty simple stuff with shell features, however to my knowlegde android does not come with a commands shell and access to these command can only be achieved using Runtime:
Process p = Runtime.getRuntime().exec(...);
and then getting the inputstream and reading from it.
The problem is that Runtime.getRuntime().exec(...); does not know how to deal with shell language and the piping of commands. So is there a way to pipe the ouput of the the top command to the input of the grep command to essentially create the same functionality? Or is there a way to run the commands from a script or anything else that can achieve this result?
On a side note, I have been using adb client/server protocol in my shell commands to test the correctness of the syntax for example:
Runtime.getRuntime().exec("adb shell top -n 1 -s cpu | grep -E '" + shellParams + "'");
This returns the expected result as the adb shell contains shell features however cannot be used outside of debugging i.e. at runtime.
Any help would be greatly appreciated, this is my first post so please do let me know if I should be structuring my answer at all differently.
I have used the following scripting for start and stop a jar file.
**start.sh**
#!/bin/bash
nohup nice java -jar Server.jar > ./Server.out 2>&1 &
**stop.sh**
#!/bin/bash
kill `ps -ef | grep Server.jar | grep -v grep | awk '{ print $2 }'`
Now I want to merge both scripts and create a new restart script. I also want this script output in a terminal instead of a text file(Server.out).
Would appreciate any kind of input/help.
You can either put the commands of the two sripts after each other (kill first, java second) or just call the two scipts in the appropriate order.
The idea is that restart is basically equivalent to killing the current running version and starting a new one.
To avoid the output to a file, remove the > ./Server.out part.
Edit: removed note about removing the redirection part as I misread the grep part of the kill script
Update: Missed the nohup part of the script: with nohup you need to redirect output to a file, because the process is detached from the terminal (see documentation). If you do want to see the output in the terminal, remove nohup as well as the redirection to the file