我遇到了从python中运行等待子进程的问题。我在这里也阅读了大量有关它的信息。很抱歉再次提起这个问题,但对我来说仍然无法解决。
我的代码
cmds = "cd /etc/openvpn/easy-rsa && . ./vars && ./clean-all && ./pkitool --initca && ./pkitool --server && ./build-dh"
runCmds = subprocess.Popen(cmds, shell=True)
# run = os.system
# runCmds = run(cmds)
# runCmds.wait()
# runCmds.call()
工作正常,但我需要等待子进程结束以运行下一部分代码。注释行不适合我。如果我从评论中运行某些内容我会收到错误
请首先获取vars脚本(即" source ./vars").......
有一段时间似乎wait()有效,但过了一段时间后不行。方法call()运行命令但永远不会结束。为什么方法对我不起作用,尤其是wait()?我建议我的问题是在我的环境中采购openvpn vars脚本。请帮帮我!
更新:控制台日志
set -x
[25/Jan/2016 18:30:42]"POST /run-step3-process/ HTTP/1.1" 200 49
+ cd /etc/openvpn/easy-rsa
+ . ./vars
+ pwd
+ export EASY_RSA=/etc/openvpn/easy-rsa
+ export OPENSSL=openssl
+ export PKCS11TOOL=pkcs11-tool
+ export GREP=grep
+ /etc/openvpn/easy-rsa/whichopensslcnf /etc/openvpn/easy-rsa
+ export KEY_CONFIG=/etc/openvpn/easy-rsa/openssl-1.0.0.cnf
+ export KEY_DIR=/etc/openvpn/easy-rsa/keys
+ echo NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
+ export PKCS11_MODULE_PATH=dummy
+ export PKCS11_PIN=dummy
+ export KEY_SIZE=1024
+ export CA_EXPIRE=3650
+ export KEY_EXPIRE=3650
+ export KEY_COUNTRY=SS
+ export KEY_PROVINCE=FFFFFFF
+ export KEY_CITY=AAAA
+ export KEY_ORG=GGGG
+ export KEY_EMAIL=qq@qq.yy
+ export KEY_EMAIL=mail@host.domain
+ export KEY_CN=ccccccc
+ export KEY_NAME=changeme
+ export KEY_OU=changeme
+ export PKCS11_MODULE_PATH=changeme
+ export PKCS11_PIN=1234
+ ./clean-all
+ ./pkitool --initca
Using CA Common Name: ccccccc
Generating a 1024 bit RSA private key
.................................++++++
............................................++++++
writing new private key to 'ca.key'
-----
+ ./pkitool --server
Using Common Name: ccccccc
Generating a 1024 bit RSA private key
............++++++
...........................++++++
writing new private key to 'ccccccc.key'
-----
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.0.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'SS'
stateOrProvinceName :PRINTABLE:'FFFFFFF'
localityName :PRINTABLE:'AAAA'
organizationName :PRINTABLE:'GGGG'
organizationalUnitName:PRINTABLE:'changeme'
commonName :PRINTABLE:'ccccccc'
name :PRINTABLE:'changeme'
emailAddress :IA5STRING:'mail@host.domain'
Certificate is to be certified until Jan 22 18:30:42 2026 GMT (3650 days)
Write out database with 1 new entries
Data Base Updated
+ ./build-dh
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
.....................................+...+..................................................................................................................................+................+..................................++*++*++*
更新2 我研究了我的代码行为:
Before run:
1.apache(or localhost)restart
2.etc/openvpn/easy-rsa/keys clean
3.start browser with new incognito window
I give permission for etc/openvpn/easy-rsa/ as 47777
success == generating process run, new keys create
error == “please source ./vars.....”
CN == variable for server name in vars
wait() == subrpocess.wait() code following string with bash commands
code ALWAYS work as below:
orig vars -> edit -> wait() -> error
orig vars -> edit (without CN, ./pkitool --server SERVER )-> wait() -> error
orig vars -> NONedit ->wait() -> success
orig vars -> edit ->WITHOUT_wait() -> success
edited vars -> edit ->WITHOUT_wait() -> success
edited vars -> edit(without CN, ./pkitool --server SERVER) -> WITHOUT_wait() -> success
orig vars -> edit(WITH_ CN, ./pkitool --server) -> WITHOUT_wait() -> success
edited vars -> edit(WITH_ CN, ./pkitool --server) -> WITHOUT_wait() -> success
我在python中编辑变量:
from django.shortcuts import HttpResponse, HttpRequest
import subprocess
from subprocess import Popen, PIPE
import json
import os.path
def pass3Cmds():
''' run commands on step3 to generate keys and cert in '/etc/openvpn/easy- rsa/keys'
'''
cmds = "cd /etc/openvpn/easy-rsa && . ./vars && ./clean-all && ./pkitool --initca && ./pkitool --server && ./build-dh"
runCmds = subprocess.Popen(cmds, shell=True)
def runStep3Process(request):
'''collect data from step3 user form and insert
them in '/etc/openvpn/easy-rsa/vars'
'''
path = '/etc/openvpn/easy-rsa/vars'
data = json.loads(request.body)
key_cn = 'export KEY_CN="%s"' % data['key_cn']
if request.method=='POST' and request.user.is_authenticated():
with open(path) as varsfile:
data = varsfile.readlines()
try:
data[69] = key_cn +'\n'
with open(path, 'w') as newvarsfile:
newvarsfile.writelines(data)
pass3Cmds()
pem = '/etc/openvpn/easy-rsa/keys/dh1024.pem'
if os.path.exists(pem):
return HttpResponse(successMsg2)
return HttpResponse(dangerMsg)
except IndexError:
return HttpResponse(warnMsg2)
return HttpResponse(warnMsg)
再一次:代码完美地使用这种方式编辑变量,直到我想运行任何代码来等待子进程。如果我运行,例如subprocess.wait()我得到了#34;请来源./vars"错误
问题是:为什么在我的情况下编辑变量强制错误?
答案 0 :(得分:1)
您的日志会在./build-dh中无限期地显示进程。
正如关联的日志消息所示,这是一个缓慢的过程。你不应该期望它是即时的。
但是,如果您的系统的熵池很低,它可能不仅仅是缓慢而且是无限期的。考虑使用rngd包中的rng-tools来使用系统的硬件随机数生成器(假设其CPU提供一个)来填充内核的熵池。
除此之外,您的使用不正确:
./pkitool --server
...不是有效命令:您需要提供CN来生成服务器证书,例如:
./pkitool --server server
答案 1 :(得分:0)
我不知道" / etc / openvpn / easy-rsa"但如果它建立了一个VPN连接,程序将在连接保持时挂起。为了终止它,您可以使用超时参数强制超时。使用subprocess.call。
cmds = "cd /etc/openvpn/easy-rsa && . ./vars && ./clean-all && ./pkitool --initca && ./pkitool --server && ./build-dh"
timeout = 60 * 10 # 10 minutes
try:
ret_code = subprocess.call(cmds, shell=True, timeout=timeout)
# return_code
except subprocess.TimeoutExpired:
# do_something()
call, check_call and check_output接受超时参数。
答案 2 :(得分:-1)
导入时间模块并使用time.sleep(amount_of_seconds)。