-1

I've been trying to run Linux terminal commands via a Python script, and I can't seem to do anything with what I've found so far.

This is what I've done so far:

import os
import crypt

def addnewuser():

    uname=raw_input("Select Username")
    upass=raw_input("Select Password")

    #The encryption module seems to solve the obvious security leak,
    #but I still don't know whether even the exposed encrypted password is safe or not.
    ucrypt=crypt.crypt(upass,"123")
    os.system("useradd -m -p "+upass+" "+uname)

addnewuser()

This has been asked before, but I can't seem to find a solution, because whenever I run the script, nothing changes when I try to display all user when I'm typing 

compgen -u

on the terminal.

Update 1: I want to make the process secure, and I've found that I can protect the sudo password from being recorded in the terminal history by using the stdout file. How can I write there with python to create users?

Update 2: I have managed to avoid some security leaks by encrypting the user password by using the encryption module in my code. But if the intruder has the encrypted password, isn't it the same thing?

The main purpose of this is for me to learn how to develop adminstration tools, preferrably in Python.

I use Python 2.7, as well as PythonIDLE, on Ubuntu 16.04.

Thank you for your help.

Improve this question
7
  • 1
    Do you run the program as root (sudo)? Commented Mar 20, 2017 at 4:06
  • I can't seem to find anything on how to run root commands from the script. I've tried to run it both while I was logged as normal and root user, but it doesn't seem to make a difference Commented Mar 20, 2017 at 4:08
  • sudo python script.py... Commented Mar 20, 2017 at 4:09
  • I might not have asked correctly; I think i'll edit the question before expecting answers. Commented Mar 20, 2017 at 4:12
  • pip install ansible Commented Mar 20, 2017 at 11:44

2 Answers 2

Reset to default
0

One of the very dirty solution is to run

os.system("sudo useradd -m -p "+upass+" "+uname)

and add to /etc/sudoers

user ALL=NOPASSWD: useradd

where user is the name of user which runs your script.

AGAIN IT IS VERY UNSAFE and HIGHLY NOT RECOMENDED

Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

I understand that it is unsafe; I'm trying to make it happen for a first milestone.
There are two big problems: (1) you give the root access to user which run network server; (2) you pass password as command line argument. I would suggest to rethink your application and keep everything inside python.
For starters, I 'm thinking about using the stdin or stdout (still figuring out which one) to avoid having the sudo pass recorded in the terminal history.
I've found this as resource on where to input the sudo password
you can try to use subprocess module to organize stdin/stdout pipes... but it should not work, because I afraid, useradd should read directly from tty device.
|
0

For my application, what I needed was a way to run sudo commands over a python script.

This answer is basically what I was looking for.

Thanks again for taking the time to help.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.