How do I add users using Python scripts on a Linux machine

On 1 Jan 2007 11:33:42 -0800, "Ramdas" <ra****@gmail.comwrote:

>How do I add users using Python scripts on a Linux machine?

Someone has a script?

This should be as easy as something like:

os.system("/usr/sbin/useradd -m -d /home/newuser -s /bin/ksh")

Dan

That is shell scripting with a python layer on top. Is there a
specific reason you have to use python? Why not just use shell, that's
what it's designed for? Unless you have some complex maths/networking
requirement or something on top.

-h

On 01/01/07, Daniel Klein <da***********@gmail.comwrote:

On 1 Jan 2007 11:33:42 -0800, "Ramdas" <ra****@gmail.comwrote:

How do I add users using Python scripts on a Linux machine?

Someone has a script?

This should be as easy as something like:

os.system("/usr/sbin/useradd -m -d /home/newuser -s /bin/ksh")

Dan
--
http://mail.python.org/mailman/listinfo/python-list

--
Hari Sekhon

Well,

I need to add users from a web interface for a web server, which runs
only Python. I need to add users, set quotas and in future even look at
managing ip tables to limit bandwidth.

I know os.system(), but this has to be done through a form entry
through a web interface.

Anyways thanks, do advise if there more pythonic solutions

Ramdas
Hari Sekhon wrote:

That is shell scripting with a python layer on top. Is there a
specific reason you have to use python? Why not just use shell, that's
what it's designed for? Unless you have some complex maths/networking
requirement or something on top.

-h

On 01/01/07, Daniel Klein <da***********@gmail.comwrote:

On 1 Jan 2007 11:33:42 -0800, "Ramdas" <ra****@gmail.comwrote:

>How do I add users using Python scripts on a Linux machine?
>
>Someone has a script?

This should be as easy as something like:

os.system("/usr/sbin/useradd -m -d /home/newuser -s /bin/ksh")

Dan
--
http://mail.python.org/mailman/listinfo/python-list

--
Hari Sekhon

Ramdas wrote:

Well,

I need to add users from a web interface for a web server, which runs
only Python. I need to add users, set quotas and in future even look at
managing ip tables to limit bandwidth.

I know os.system(), but this has to be done through a form entry
through a web interface.

Anyways thanks, do advise if there more pythonic solutions

What you're looking for is actually a pretty complex thing. You *could*
in theory manage /etc/passwd (and its "shadow" file) - you can find
crypto primitives like MD5 and DES on the 'net, but note that you must
run your script under the 'root' account in order to write (and even
read!) the passwd database. The same goes for using os.system and the
built-in OS utility. Be aware of security implications if you're running
your web server under the root account.

Ivan Voras wrote:

Ramdas wrote:

Well,

I need to add users from a web interface for a web server, which runs
only Python. I need to add users, set quotas and in future even look at
managing ip tables to limit bandwidth.

I know os.system(), but this has to be done through a form entry
through a web interface.

Anyways thanks, do advise if there more pythonic solutions

What you're looking for is actually a pretty complex thing. You *could*
in theory manage /etc/passwd (and its "shadow" file) - you can find
crypto primitives like MD5 and DES on the 'net, but note that you must
run your script under the 'root' account in order to write (and even
read!) the passwd database. The same goes for using os.system and the
built-in OS utility. Be aware of security implications if you're running
your web server under the root account.

How about invoking scripts with SUID root set?

Ivan Voras wrote:

Ramdas wrote:

>Well,

I need to add users from a web interface for a web server, which runs
only Python. I need to add users, set quotas and in future even look at
managing ip tables to limit bandwidth.

I know os.system(), but this has to be done through a form entry
through a web interface.

Anyways thanks, do advise if there more pythonic solutions

What you're looking for is actually a pretty complex thing. You *could*
in theory manage /etc/passwd (and its "shadow" file) - you can find
crypto primitives like MD5 and DES on the 'net, but note that you must
run your script under the 'root' account in order to write (and even
read!) the passwd database. The same goes for using os.system and the
built-in OS utility. Be aware of security implications if you're running
your web server under the root account.

A solution that is both more pythonic and avoids the problems listed
above would be to migrate user management from /etc/passwd to an LDAP
(though pam_ldap). That's the approach I took in a similar situation.
Sure, it adds the overhead of setting up and running an LDAP, but
managing users and their quota through python_ldap is much cleaner and
more flexible than doing so using os.system(), certainly from within a
web application.
That doesn't alter the fact though that security must be properly
considered in any application that can add users.

Regards,
Jan

Ravi Teja <we*********@gmail.comtyped

>
Ivan Voras wrote:

>Ramdas wrote:

Well,

I need to add users from a web interface for a web server, which
runs only Python. I need to add users, set quotas and in future
even look at managing ip tables to limit bandwidth.

I know os.system(), but this has to be done through a form entry
through a web interface.

Anyways thanks, do advise if there more pythonic solutions

What you're looking for is actually a pretty complex thing. You
*could* in theory manage /etc/passwd (and its "shadow" file) - you
can find crypto primitives like MD5 and DES on the 'net, but note
that you must run your script under the 'root' account in order to
write (and even read!) the passwd database. The same goes for using
os.system and the built-in OS utility. Be aware of security
implications if you're running your web server under the root
account.

How about invoking scripts with SUID root set?

Linux seems to ignore SUID bit on scripts:

[lunar@nargond]-[17:03:23] >~/test
--cat uidtest.py
#!/usr/bin/python
import os

print 'uid:', os.getuid()
print 'effective uid:', os.geteuid()
os.system('whoami')

[lunar@nargond]-[17:03:28] >~/test
--ls -l uidtest.py
-rwsr-xr-x 1 root root 112 2007-01-02 17:03 uidtest.py

[lunar@nargond]-[17:03:46] >~/test
--/home/lunar/test/uidtest.py
uid: 1000
effective uid: 1000
lunar

Anyway, you should definitely think about security issues. Not all
people out there are friendly...

--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)

On Tue, 2007-01-02 at 17:17 +0100, Sebastian 'lunar' Wiesner wrote:

Ravi Teja <we*********@gmail.comtyped

Ivan Voras wrote:

Ramdas wrote:
Well,

I need to add users from a web interface for a web server, which
runs only Python. I need to add users, set quotas and in future
even look at managing ip tables to limit bandwidth.

I know os.system(), but this has to be done through a form entry
through a web interface.

Anyways thanks, do advise if there more pythonic solutions

What you're looking for is actually a pretty complex thing. You
*could* in theory manage /etc/passwd (and its "shadow" file) - you
can find crypto primitives like MD5 and DES on the 'net, but note
that you must run your script under the 'root' account in order to
write (and even read!) the passwd database. The same goes for using
os.system and the built-in OS utility. Be aware of security
implications if you're running your web server under the root
account.

How about invoking scripts with SUID root set?

Linux seems to ignore SUID bit on scripts:

I don't think that that has anything to do with Linux or not. The script
is not the actual executable, hence its suid bit is irrelevant. You'd
have to set the suid bit on the python executable, but that would affect
all python scripts, which is probably bad.

-Carsten

Carsten Haese <ca*****@uniqsys.comtyped

On Tue, 2007-01-02 at 17:17 +0100, Sebastian 'lunar' Wiesner wrote:

>Ravi Teja <we*********@gmail.comtyped

>
Ivan Voras wrote:
Ramdas wrote:
Well,

I need to add users from a web interface for a web server, which
runs only Python. I need to add users, set quotas and in future
even look at managing ip tables to limit bandwidth.

I know os.system(), but this has to be done through a form entry
through a web interface.

Anyways thanks, do advise if there more pythonic solutions

What you're looking for is actually a pretty complex thing. You
*could* in theory manage /etc/passwd (and its "shadow" file) - you
can find crypto primitives like MD5 and DES on the 'net, but note
that you must run your script under the 'root' account in order to
write (and even read!) the passwd database. The same goes for
using os.system and the built-in OS utility. Be aware of security
implications if you're running your web server under the root
account.

How about invoking scripts with SUID root set?

Linux seems to ignore SUID bit on scripts:

I don't think that that has anything to do with Linux or not. The
script is not the actual executable, hence its suid bit is irrelevant.

I don't think so. From what I know, the script is passed as executable
to the kernel loader, which interprets the shebang and feeds the script
through the correct interpreter. So the kernel loader sees the script
itself as executable instead of the interpreter binary. I've heard of
other Unix systems, which handle this differently (meaning that the
SUID bit on scripts has an effect), but I may be wrong.

You'd have to set the suid bit on the python executable, but that
would affect all python scripts, which is probably bad.

It _is_ bad!

--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)

How about invoking scripts with SUID root set?

Linux seems to ignore SUID bit on scripts:

Yes. My bad. The work around was to use native launchers. I don't
remember the details. Perhaps with the interpreter embedded to launch
it in-process and to hard code the script paths (or at least a config
file/script pointing to them) for security.

Anyway, you should definitely think about security issues. Not all
people out there are friendly...

I agree. SUID is often risky.

Web applications such as webmin that do administrative functions
through a web interface require extra precautions for security such as
restricting access to specific IPs.

>>>>Sebastian 'lunar' Wiesner <ba***********@gmx.net(SW) wrote:

>SWLinux seems to ignore SUID bit on scripts:

The reason is that obeying SUID bits on scripts would be a security risk.
--
Piet van Oostrum <pi**@cs.uu.nl>
URL: http://www.cs.uu.nl/~piet [PGP 8DAE142BE17999C4]
Private email: pi**@vanoostrum.org

"Ramdas" <ra****@gmail.comwrote:

>
I need to add users from a web interface for a web server, which runs
only Python. I need to add users, set quotas and in future even look at
managing ip tables to limit bandwidth.

I know os.system(), but this has to be done through a form entry
through a web interface.

Anyways thanks, do advise if there more pythonic solutions

os.system is perfectly Pythonic, and can be executed from a CGI script. The
challenge is becoming root, which is necessary to do what you ask. You can
write a simple C program that is setuid root that calls your script for
you.
--
Tim Roberts, ti**@probo.com
Providenza & Boekelheide, Inc.

Piet van Oostrum <pi**@cs.uu.nltyped

>>>>>Sebastian 'lunar' Wiesner <ba***********@gmx.net(SW) wrote:

>>SWLinux seems to ignore SUID bit on scripts:

The reason is that obeying SUID bits on scripts would be a security
risk.

I don't see a problem with SUID on scripts. If you restrict write access
to the owner, modification is hardly possible.
However, if you allow world-wide write access to your binaries and
scripts, both can easily be modified...

--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)

Sebastian 'lunar' Wiesner wrote:

Carsten Haese <ca*****@uniqsys.comtyped

>I don't think that that has anything to do with Linux or not. The
script is not the actual executable, hence its suid bit is irrelevant.

I don't think so. From what I know, the script is passed as executable
to the kernel loader, which interprets the shebang and feeds the script
through the correct interpreter. So the kernel loader sees the script
itself as executable instead of the interpreter binary. I've heard of
other Unix systems, which handle this differently (meaning that the
SUID bit on scripts has an effect), but I may be wrong.

Yes, the kernel parses #! but the suid-ness is still controlled by the
target interpreter (i.e. python executable). At least BSD systems also
behave this way.

[ Ivan Voras <iv****@fer.hr]

Sebastian 'lunar' Wiesner wrote:

>Carsten Haese <ca*****@uniqsys.comtyped

>>I don't think that that has anything to do with Linux or not. The
script is not the actual executable, hence its suid bit is
irrelevant.

I don't think so. From what I know, the script is passed as
executable to the kernel loader, which interprets the shebang and
feeds the script through the correct interpreter. So the kernel
loader sees the script itself as executable instead of the
interpreter binary. I've heard of other Unix systems, which handle
this differently (meaning that the SUID bit on scripts has an
effect), but I may be wrong.

Yes, the kernel parses #! but the suid-ness is still controlled by the
target interpreter (i.e. python executable). At least BSD systems also
behave this way.

I don't think, that the interpreter controls SUID-ness. Privileges are
always handled by the kernel. At least the kernel needs to agree, when
a normal user wants to execute a SUID scripts.

--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)

I find that I can often live with a 0-60 sec. pause. and set command in
a queue like
then have a cron that runs once a min as the user you need to run this
on
that looks at the queue and sees if there are any pending

I often use a sql database for this

>>>>Sebastian 'lunar' Wiesner <ba***********@gmx.net(SW) wrote:

>SWI don't see a problem with SUID on scripts. If you restrict write access
SWto the owner, modification is hardly possible.
SWHowever, if you allow world-wide write access to your binaries and
SWscripts, both can easily be modified...

The scenario is as follows: Suppose the script starts with the line:
#!/usr/bin/python

(using #!/usr/bin/env python would be disastrous because the user could
supply his own `python interpreter' in his PATH.)

Now a malicious user can make a link to this file in his own directory,
e.g. to /Users/eve/myscript1. Because permissions are part of the file
(inode), not of the file name, this one is also suid.

Now she execs /Users/eve/myscript1. The kernel, when honoring suid scripts,
would startup python with effective uid root with the command line:
/usr/bin/env /Users/eve/myscript1

Now in another process eve changes the link /Users/eve/myscript1 to
point to another script /Users/eve/myscript2. If she manages to change the
link between the startup of the python executable and the interpreter
opening the file /Users/eve/myscript1, she has her own script running as
root.

Of course the timing is a bit critical but if you try often enough some
time it will succeed. The problem is the time window between starting the
executable and opening the script. There is no guarantee that the file will
be the same. It can only be made safe if interpreters can be passed inodes
or opened files by the kernel, but that is not how most interpreters work.
At least not python.
--
Piet van Oostrum <pi**@cs.uu.nl>
URL: http://www.cs.uu.nl/~piet [PGP 8DAE142BE17999C4]
Private email: pi**@vanoostrum.org

In message <m2************@ordesa.cs.uu.nl>, Piet van Oostrum wrote:

The scenario is as follows: Suppose the script starts with the line:
#!/usr/bin/python

(using #!/usr/bin/env python would be disastrous because the user could
supply his own `python interpreter' in his PATH.)

Now a malicious user can make a link to this file in his own directory,
e.g. to /Users/eve/myscript1. Because permissions are part of the file
(inode), not of the file name, this one is also suid.

Now she execs /Users/eve/myscript1. The kernel, when honoring suid
scripts, would startup python with effective uid root with the command
line: /usr/bin/env /Users/eve/myscript1

No it wouldn't. This security hole was fixed years ago.

>>>>Lawrence D'Oliveiro <ld*@geek-central.gen.new_zealand(LD) wrote:

>LDNo it wouldn't. This security hole was fixed years ago.

How?
--
Piet van Oostrum <pi**@cs.uu.nl>
URL: http://www.cs.uu.nl/~piet [PGP 8DAE142BE17999C4]
Private email: pi**@vanoostrum.org

In message <m2************@ordesa.lan>, Piet van Oostrum wrote:

Lawrence D'Oliveiro <ld*@geek-central.gen.new_zealand(LD) wrote:
In message <m2************@ordesa.cs.uu.nl>, Piet van Oostrum wrote:

>The scenario is as follows: Suppose the script starts with the line:
#!/usr/bin/python

(using #!/usr/bin/env python would be disastrous because the user could
supply his own `python interpreter' in his PATH.)

Now a malicious user can make a link to this file in his own directory,
e.g. to /Users/eve/myscript1. Because permissions are part of the file
(inode), not of the file name, this one is also suid.

Now she execs /Users/eve/myscript1. The kernel, when honoring suid
scripts, would startup python with effective uid root with the command
line: /usr/bin/env /Users/eve/myscript1

LDNo it wouldn't. This security hole was fixed years ago.

How?

Systems which allow set-uid scripts also usually support referring to open
file descriptors n via a pathname like /dev/fd/n. This might be done by
mounting a special pseudo-filesystem (fdfs) on /dev/fd. (This was how I
remember it being done on DEC UNIX.)

So when a the kernel detects that an executable file is actually a script,
it opens the script file on some file descriptor n, and passes the
name /dev/fd/n to the script interpreter, instead of the original script
pathname. That way, there is no opportunity for deceiving the process into
executing the wrong script with set-uid privileges.