Tuesday, October 30, 2018

Re: migrate python script from sudo to doas

Hi,

as I stated before on a cmd is no problem, Im using 6.4 release


Am 30.10.2018 um 12:56 schrieb Solene Rapenne:
> Markus Rosjat <rosjat@ghweb.de> wrote:
>> hi all,
>>
>> I have some old python scripts that using os.spawnl to execute stuff
>> like useradd  combined with sudo. This worked just fine on systems with
>> sudo installed  but these days we have doas and its totally enough for
>> things I use to do so I said to myself "lets update these old scripts
>> ..." . In code this was basically replasing os.spawnl with
>> subprocess.check_call  but when I run this the useradd command doesnt
>> get executed by the script. On the cmd it does, so this works on cmd:
>>
>> doas useradd -u 666 -g =uid -s /sbin/nologin -d
>> /var/mail/domain.tld/vmailuser0666 vmailuser0666
>>
>> but in the script I with the code like this:
>>
>>  exit = subprocess.check_call(['doas', 'useradd', '-u %s' % user_id,
>> '-g =uid',
>> '-s /sbin/nologin',
>> '-d %s' % mb_parent_dir,
>> user_name])
>>
>> I get an exception that seems to be related to the fact that doas isnt
>> really working here
>>
>> doas: Authorization failed <- this comes from the script even the
>> provided password is correct
>>
>> Traceback (most recent call last):
>>   File "/root/scripts/mb_add", line 244, in <module>
>>     mb_addresses)
>>   File "/root/scripts/mb_add", line 174, in add_mailbox
>>     user_name])
>>   File "/usr/local/lib/python2.7/subprocess.py", line 190, in check_call
>>     raise CalledProcessError(retcode, cmd)
>> subprocess.CalledProcessError: Command '['doas', 'useradd', '-u 666',
>> '-g =uid', '-s /sbin/nologin', '-d /var/mail/domain.tld/vmailuser666',
>> 'vmailuser666']' returned non-zero exit status 1
>>
>> So does someone had some issues with migrating scripts from sudo to
>> doas, then some help or hintw would be very appreciated.
>>
>>
>> regards
> hi
>
> what openbsd version are you using?
> did you try the command outside of python?
>
> There were issues with doas a few days ago in snapshots.
>

--
Markus Rosjat fon: +49 351 8107224 mail: rosjat@ghweb.de

G+H Webservice GbR Gorzolla, Herrmann
Königsbrücker Str. 70, 01099 Dresden

http://www.ghweb.de
fon: +49 351 8107220 fax: +49 351 8107227

Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)