Get output stream from QProcess
-
@JonB it is only example, Im working on frontend app for some console only program, and that console program requires sudo.
-
-
@JonB
sudo -Adoesn't work for my by default and-Swhat does it mean? I read manpage that it will read password from stdin, but Im working on GUI app, how can I show popup "Enter password" and then pass it to that process?@t0msk
So your Qt GUI will get the password from the user once. Then you will invokesudo -S .... You will send the password to it viaQProcess::write(). That will be connected to sub-process's stdin. Similar to the way that you can read from sub-process's stout/stderr in the code we have been discussing. Look back up at @jsulm's post. Have a read through theQProcessdoc page. -
@t0msk I ran into this on a PHP web app I wrote once where I needed to control some system services. My VERY dangerous approach was to modify the /etc/sudoers file to allow a certain user to run certain programs without a sudo password. Again this was VERY dangerous but I assumed the risk.
I added a line in my sudoers file like this...
<username> ALL=(ALL:ALL) NOPASSWD:<comma separated list of programs that I wanted to run without a password>Again, this is a VERY dangerous approach but I assumed the risks by running the program as a user that had no login shell. The chances of exploitation was very small.
As far as the need to communicating with the process I'm sure you come up with some sort of non blocking or interactive mode for QProcess. As @jsulm said read up and maybe try communicating via the channels of QProcess.
Chris~
-
@t0msk I ran into this on a PHP web app I wrote once where I needed to control some system services. My VERY dangerous approach was to modify the /etc/sudoers file to allow a certain user to run certain programs without a sudo password. Again this was VERY dangerous but I assumed the risk.
I added a line in my sudoers file like this...
<username> ALL=(ALL:ALL) NOPASSWD:<comma separated list of programs that I wanted to run without a password>Again, this is a VERY dangerous approach but I assumed the risks by running the program as a user that had no login shell. The chances of exploitation was very small.
As far as the need to communicating with the process I'm sure you come up with some sort of non blocking or interactive mode for QProcess. As @jsulm said read up and maybe try communicating via the channels of QProcess.
Chris~
@Chrisw01
One can run withNOPASSWD, and indeed I do on my development machine where I am the only user. If the application is only to be run on his own machine this might be acceptable. However, for the OP to make his end user sites change over to no root password, admittedly only forapt-get, seems inappropriate. It also requires setup from the system administrator. I would not dream of accepting software with this! Again, I would ask why his application requires asudo apt-getrather than just anapt-get?As I have noted above, you can run
sudowith a password from a UI by using the-Soption. If you are going to write code which uses channel communication withQProcessanyway you are already halfway there to what is needed. -
@JonB Agreed, which is why all the warnings of it being dangerous. And only control of that was given to a specific user, not the whole system. It fit my needs...
@t0msk I think that @JonB has hit the nail on the head. Run sudo with the -S parameter. And use channels to read and write to and from stdin/stdout/stderr as required.
From the sudo man page:
-S, --stdin Write the prompt to the standard error and read the password from the standard input instead of using the terminal device. The password must be followed by a newline character.Oh and one more thing to keep in mind, not all distros of Linux install sudo by default. Debian server for instance requires you to use the su program or manually install sudo. Some distro's only allow sudo to the admin or users in the sudoers group but not to regular users. So some adjustments may be required.
-
@JonB I need to use
sudowithaptyou can look here:tomsk@tomsk-Ntb:~$ apt update Reading package lists... Done E: Could not open lock file /var/lib/apt/lists/lock - open (13: Permission denied) E: Unable to lock directory /var/lib/apt/lists/ W: Problem unlinking the file /var/cache/apt/pkgcache.bin - RemoveCaches (13: Permission denied) W: Problem unlinking the file /var/cache/apt/srcpkgcache.bin - RemoveCaches (13: Permission denied)So if I understand correctly, if user will want to do something which requires
sudo, then I will showQDialogwithlineEditwhere he enters password and then I will call QProcess withsudo -Sand after that I useQProcess::write()where I insert his password?I just downloaded application which requires administration rights from Linux repository and if I launch it, it looks like this:
As you can see it uses PolicyKit 1 and I didn't have to set up polkit on my system as you said (that xml what you mentioned), sorry but I am confused.
IT'S working now I used
pkexec apt update.Student who loves C/C++
-
@JonB I need to use
sudowithaptyou can look here:tomsk@tomsk-Ntb:~$ apt update Reading package lists... Done E: Could not open lock file /var/lib/apt/lists/lock - open (13: Permission denied) E: Unable to lock directory /var/lib/apt/lists/ W: Problem unlinking the file /var/cache/apt/pkgcache.bin - RemoveCaches (13: Permission denied) W: Problem unlinking the file /var/cache/apt/srcpkgcache.bin - RemoveCaches (13: Permission denied)So if I understand correctly, if user will want to do something which requires
sudo, then I will showQDialogwithlineEditwhere he enters password and then I will call QProcess withsudo -Sand after that I useQProcess::write()where I insert his password?I just downloaded application which requires administration rights from Linux repository and if I launch it, it looks like this:
As you can see it uses PolicyKit 1 and I didn't have to set up polkit on my system as you said (that xml what you mentioned), sorry but I am confused.
IT'S working now I used
pkexec apt update.-
You only need to use
sudobecause you are goingapt update, which does a system-wide update of stuff. Why does your app need that? That's my point. -
Yes to what you wrote about
sudo -S. -
Like I said I have never used
polkitso it's up to you to read up. You say "and I didn't have to set up polkit on my system", but isn't the point that you are being prompted for a password here where the point of usingpolkitis to allow stuff through without requiring a password? So it seems to me it is not currently set up to allow whatever you are trying through without a password, and an admin would need to configure it to make it allow no password here?
-
-
-
You only need to use
sudobecause you are goingapt update, which does a system-wide update of stuff. Why does your app need that? That's my point. -
Yes to what you wrote about
sudo -S. -
Like I said I have never used
polkitso it's up to you to read up. You say "and I didn't have to set up polkit on my system", but isn't the point that you are being prompted for a password here where the point of usingpolkitis to allow stuff through without requiring a password? So it seems to me it is not currently set up to allow whatever you are trying through without a password, and an admin would need to configure it to make it allow no password here?
@JonB said in Get output stream from QProcess:
-
You only need to use
sudobecause you are goingapt update, which does a system-wide update of stuff. Why does your app need that? That's my point. -
Yes to what you wrote about
sudo -S. -
Like I said I have never used
polkitso it's up to you to read up. You say "and I didn't have to set up polkit on my system", but isn't the point that you are being prompted for a password here where the point of usingpolkitis to allow stuff through without requiring a password? So it seems to me it is not currently set up to allow whatever you are trying through without a password, and an admin would need to configure it to make it allow no password here?
As I said many times
apt updateis only example, and if you usepkexecit will show system popup like on screenshot in my last post, then you have to enter password and after that command will be executed.Student who loves C/C++
-
-
@JonB said in Get output stream from QProcess:
-
You only need to use
sudobecause you are goingapt update, which does a system-wide update of stuff. Why does your app need that? That's my point. -
Yes to what you wrote about
sudo -S. -
Like I said I have never used
polkitso it's up to you to read up. You say "and I didn't have to set up polkit on my system", but isn't the point that you are being prompted for a password here where the point of usingpolkitis to allow stuff through without requiring a password? So it seems to me it is not currently set up to allow whatever you are trying through without a password, and an admin would need to configure it to make it allow no password here?
As I said many times
apt updateis only example, and if you usepkexecit will show system popup like on screenshot in my last post, then you have to enter password and after that command will be executed.@t0msk said in Get output stream from QProcess:
As I said many times apt update is only example
@JonB understands that "apt update" is just an example, he actually wanted to know why your app needs to be executed as root...
-
-
@JonB said in Get output stream from QProcess:
-
You only need to use
sudobecause you are goingapt update, which does a system-wide update of stuff. Why does your app need that? That's my point. -
Yes to what you wrote about
sudo -S. -
Like I said I have never used
polkitso it's up to you to read up. You say "and I didn't have to set up polkit on my system", but isn't the point that you are being prompted for a password here where the point of usingpolkitis to allow stuff through without requiring a password? So it seems to me it is not currently set up to allow whatever you are trying through without a password, and an admin would need to configure it to make it allow no password here?
As I said many times
apt updateis only example, and if you usepkexecit will show system popup like on screenshot in my last post, then you have to enter password and after that command will be executed.As I said many times
apt updateis only example, and if you usepkexecit will show system popup like on screenshot ...@jsulm has leapt to my defence :) And as I have said many times, my question is not about
apt updatebut about why you need to run it or anything else sudo from your program? This equally applies if you gopkexec(though the whole point of that is it's part ofpolkit, and the point ofpolkitis that you are supposed to configure it so that it does not "show system popup like on screenshot"). -
