Run a linux system command as a superuser, using a python script

Question

I have got postfix installed on my machine and I am updating virtual_alias on the fly programmatically(using python)(on some action). Once I update the entry in the /etc/pos

Answer 1

You can either run your python script as root itself - then you won't need to add privilege to reload postfix.

Or you can configure sudo to not need a password for /etc/init.d/postfix.

sudo configuration (via visudo) allows NOPASSWD: to allow the command without a password. See http://www.sudo.ws/sudo/man/sudoers.html#nopasswd_and_passwd

<username>  ALL = NOPASSWD: /etc/init.d/postfix

or something similar.

Answer 2

import os
os.popen("sudo -S /etc/init.d/postifx reload", 'w').write("yourpassword")

This of course is almost always not a good idea as the password is in plain text.

Answer 3

if you're gonna do this in python you should just do the following:

write this command before the line that you call the shell command

os.setuid(os.geteuid())

then, you call the shell command without "sudo" prefix

Answer 4

To answer the error:"sudo: sorry, you must have a tty to run sudo", we have a setting called "Defaults requiretty" in sudoers file. I tried commenting it out and it worked :D.

Answer 5

See StackLick

You need to grant a user to run sudo command without password.

Answer 6

#include <unistd.h>
#include <stdlib.h>

// gcc -o reload_postfix reload_postfix.c
// chown root reload_postfix
// chmod +s reload_postfix

int main( int argc, char **argv ) {
    setuid( geteuid() );
    system("/etc/init.d/postifx reload");
}

Wrap your command in setuid-ed program. This will let any user restart postfix. You can of course further restrict the execute permission to certain groups.