Re: migrate python script from sudo to doas
Hi Vincent, Am 03.11.2018 um 07:22 schrieb vincent delft: Hello Markus, I cannot reproduce your problem. As you can see here under I can create a user "test1" on the command line, and, with the same userid, I can create it with python2 and python3 too. (I'm running 6.4) I see 2 possible cause : - your python script, - or maybe the userid for which your python script runs is not the one defined in doas.conf. i switch back to spawnl function and it worked with doas so I will stick with that since it's working. Maybe later I will revisit the problem and give it another try. regards -- Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: migrate python script from sudo to doas
Hello Markus, I cannot reproduce your problem. As you can see here under I can create a user "test1" on the command line, and, with the same userid, I can create it with python2 and python3 too. (I'm running 6.4) I see 2 possible cause : - your python script, - or maybe the userid for which your python script runs is not the one defined in doas.conf. regards The python script I use is: " import subprocess cmd = "doas useradd -u 9003 -g=uid -s /sbin/nologin -d /tmp test3" cmd_list = cmd.split() exit = subprocess.check_call(cmd_list) " the tests results are: " obsd-laptop:~$ doas useradd -u 9001 -g=uid -s /sbin/nologin -d /tmp test1 obsd-laptop:~$ echo $? 0 obsd-laptop:~$ python2.7 test.py obsd-laptop:~$ echo $? 0 obsd-laptop:~$ userinfo test2 login test2 passwd * uid 9002 groups test2 change NEVER class gecos dir /tmp shell /sbin/nologin expire NEVER obsd-laptop:~$ python3.6 test.py obsd-laptop:~$ echo $? 0 obsd-laptop:~$ userinfo test3 login test3 passwd * uid 9003 groups test3 change NEVER class gecos dir /tmp shell /sbin/nologin expire NEVER " On Tue, Oct 30, 2018 at 1:22 PM Markus Rosjat wrote: > Hi, > > as I stated before on a cmd is no problem, Im using 6.4 release > > > Am 30.10.2018 um 12:56 schrieb Solene Rapenne: > > Markus Rosjat wrote: > >> hi all, > >> > >> I have some old python scripts that using os.spawnl to execute stuff > >> like useradd combined with sudo. This worked just fine on systems with > >> sudo installed but these days we have doas and its totally enough for > >> things I use to do so I said to myself "lets update these old scripts > >> ..." . In code this was basically replasing os.spawnl with > >> subprocess.check_call but when I run this the useradd command doesnt > >> get executed by the script. On the cmd it does, so this works on cmd: > >> > >> doas useradd -u 666 -g =uid -s /sbin/nologin -d > >> /var/mail/domain.tld/vmailuser0666 vmailuser0666 > >> > >> but in the script I with the code like this: > >> > >>exit = subprocess.check_call(['doas', 'useradd', '-u %s' % user_id, > >> '-g =uid', > >> '-s /sbin/nologin', > >> '-d %s' % mb_parent_dir, > >> user_name]) > >> > >> I get an exception that seems to be related to the fact that doas isnt > >> really working here > >> > >> doas: Authorization failed <- this comes from the script even the > >> provided password is correct > >> > >> Traceback (most recent call last): > >> File "/root/scripts/mb_add", line 244, in > >> mb_addresses) > >> File "/root/scripts/mb_add", line 174, in add_mailbox > >> user_name]) > >> File "/usr/local/lib/python2.7/subprocess.py", line 190, in > check_call > >> raise CalledProcessError(retcode, cmd) > >> subprocess.CalledProcessError: Command '['doas', 'useradd', '-u 666', > >> '-g =uid', '-s /sbin/nologin', '-d /var/mail/domain.tld/vmailuser666', > >> 'vmailuser666']' returned non-zero exit status 1 > >> > >> So does someone had some issues with migrating scripts from sudo to > >> doas, then some help or hintw would be very appreciated. > >> > >> > >> regards > > hi > > > > what openbsd version are you using? > > did you try the command outside of python? > > > > There were issues with doas a few days ago in snapshots. > > > > -- > Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de > > G+H Webservice GbR Gorzolla, Herrmann > Königsbrücker Str. 70, 01099 Dresden > > http://www.ghweb.de > fon: +49 351 8107220 fax: +49 351 8107227 > > Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before > you print it, think about your responsibility and commitment to the > ENVIRONMENT > >
Re: migrate python script from sudo to doas
Hi Vincent Am 30.10.2018 um 16:03 schrieb Vincent Legoll: Maybe you should try like the following: cmd = ['doas', 'useradd', '-u', user_id, '-g', '=uid', '-s', '/sbin/nologin', '-d', mb_parent_dir, user_name] exit = subprocess.check_call(cmd) this doesn't solve the problem, if I try like that check_call complains that it need a string as user_id. If I do make something like u_id = '%s' %user_id and plug u_id as the arg I'm back to square one. So it seems this seems a doas related issue and needs some adjustment in doas.conf. If this isnt resolvable I will just install sudo package using the "pointing a cannon at a sparrow" approach :( regards -- Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: migrate python script from sudo to doas
Hello, On Tue, Oct 30, 2018 at 12:33 PM Markus Rosjat wrote: > exit = subprocess.check_call(['doas', 'useradd', '-u %s' % user_id, > '-g =uid', > '-s /sbin/nologin', > '-d %s' % mb_parent_dir, > user_name]) Maybe you should try like the following: cmd = ['doas', 'useradd', '-u', user_id, '-g', '=uid', '-s', '/sbin/nologin', '-d', mb_parent_dir, user_name] exit = subprocess.check_call(cmd)
Re: migrate python script from sudo to doas
Hi, as I stated before on a cmd is no problem, Im using 6.4 release Am 30.10.2018 um 12:56 schrieb Solene Rapenne: Markus Rosjat wrote: hi all, I have some old python scripts that using os.spawnl to execute stuff like useradd combined with sudo. This worked just fine on systems with sudo installed but these days we have doas and its totally enough for things I use to do so I said to myself "lets update these old scripts ..." . In code this was basically replasing os.spawnl with subprocess.check_call but when I run this the useradd command doesnt get executed by the script. On the cmd it does, so this works on cmd: doas useradd -u 666 -g =uid -s /sbin/nologin -d /var/mail/domain.tld/vmailuser0666 vmailuser0666 but in the script I with the code like this: exit = subprocess.check_call(['doas', 'useradd', '-u %s' % user_id, '-g =uid', '-s /sbin/nologin', '-d %s' % mb_parent_dir, user_name]) I get an exception that seems to be related to the fact that doas isnt really working here doas: Authorization failed <- this comes from the script even the provided password is correct Traceback (most recent call last): File "/root/scripts/mb_add", line 244, in mb_addresses) File "/root/scripts/mb_add", line 174, in add_mailbox user_name]) File "/usr/local/lib/python2.7/subprocess.py", line 190, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '['doas', 'useradd', '-u 666', '-g =uid', '-s /sbin/nologin', '-d /var/mail/domain.tld/vmailuser666', 'vmailuser666']' returned non-zero exit status 1 So does someone had some issues with migrating scripts from sudo to doas, then some help or hintw would be very appreciated. regards hi what openbsd version are you using? did you try the command outside of python? There were issues with doas a few days ago in snapshots. -- Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: migrate python script from sudo to doas
Markus Rosjat wrote: > hi all, > > I have some old python scripts that using os.spawnl to execute stuff > like useradd combined with sudo. This worked just fine on systems with > sudo installed but these days we have doas and its totally enough for > things I use to do so I said to myself "lets update these old scripts > ..." . In code this was basically replasing os.spawnl with > subprocess.check_call but when I run this the useradd command doesnt > get executed by the script. On the cmd it does, so this works on cmd: > > doas useradd -u 666 -g =uid -s /sbin/nologin -d > /var/mail/domain.tld/vmailuser0666 vmailuser0666 > > but in the script I with the code like this: > > exit = subprocess.check_call(['doas', 'useradd', '-u %s' % user_id, > '-g =uid', > '-s /sbin/nologin', > '-d %s' % mb_parent_dir, > user_name]) > > I get an exception that seems to be related to the fact that doas isnt > really working here > > doas: Authorization failed <- this comes from the script even the > provided password is correct > > Traceback (most recent call last): > File "/root/scripts/mb_add", line 244, in > mb_addresses) > File "/root/scripts/mb_add", line 174, in add_mailbox > user_name]) > File "/usr/local/lib/python2.7/subprocess.py", line 190, in check_call > raise CalledProcessError(retcode, cmd) > subprocess.CalledProcessError: Command '['doas', 'useradd', '-u 666', > '-g =uid', '-s /sbin/nologin', '-d /var/mail/domain.tld/vmailuser666', > 'vmailuser666']' returned non-zero exit status 1 > > So does someone had some issues with migrating scripts from sudo to > doas, then some help or hintw would be very appreciated. > > > regards hi what openbsd version are you using? did you try the command outside of python? There were issues with doas a few days ago in snapshots.
migrate python script from sudo to doas
hi all, I have some old python scripts that using os.spawnl to execute stuff like useradd combined with sudo. This worked just fine on systems with sudo installed but these days we have doas and its totally enough for things I use to do so I said to myself "lets update these old scripts ..." . In code this was basically replasing os.spawnl with subprocess.check_call but when I run this the useradd command doesnt get executed by the script. On the cmd it does, so this works on cmd: doas useradd -u 666 -g =uid -s /sbin/nologin -d /var/mail/domain.tld/vmailuser0666 vmailuser0666 but in the script I with the code like this: exit = subprocess.check_call(['doas', 'useradd', '-u %s' % user_id, '-g =uid', '-s /sbin/nologin', '-d %s' % mb_parent_dir, user_name]) I get an exception that seems to be related to the fact that doas isnt really working here doas: Authorization failed <- this comes from the script even the provided password is correct Traceback (most recent call last): File "/root/scripts/mb_add", line 244, in mb_addresses) File "/root/scripts/mb_add", line 174, in add_mailbox user_name]) File "/usr/local/lib/python2.7/subprocess.py", line 190, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '['doas', 'useradd', '-u 666', '-g =uid', '-s /sbin/nologin', '-d /var/mail/domain.tld/vmailuser666', 'vmailuser666']' returned non-zero exit status 1 So does someone had some issues with migrating scripts from sudo to doas, then some help or hintw would be very appreciated. regards -- Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT