从webserver调用时,python subprocess命令未成功执行

时间:2017-08-16 07:18:48

标签: linux python-2.7 subprocess cgi lighttpd

我有一个名为test.py

的示例文件
import subprocess, sys
from pyroute2 import netns
import subprocess32
import logging
cmd = "ping 192.168.121.1 -I enp5s0"

logFile = "TestLog.txt"
logging.basicConfig(filename = logFile,level=logging.DEBUG,
                    format='%(asctime)s [%(filename)s:%(lineno)s - %(funcName)s]%(levelname)s %(message)s',
                                        datefmt='%m/%d/%Y %I:%M:%S %p')

def ping():
    try:
        subprocess32.check_output(cmd, shell=True, timeout = 10)
    except subprocess32.TimeoutExpired as ex:
        logging.info("Duration completed")
        logging.info(ex.output)
    except Exception as ex:
        template = "ERROR: An exception of type {0} occurred. Arguments:{1!r}"
        message = template.format(type(ex).__name__, ex.args)
        logging.info(message)

def addNamespace(namespace):
    setNs = "ip netns add %s"%(namespace)
    logging.info(setNs)
    proc = subprocess.Popen(setNs.split(' '))
    ret = proc.communicate()
    logging.info("Return Code:%d STDOUT/STDERR:%s"%(proc.returncode, str(ret)))
    logging.info(netns.listnetns())


if __name__ == '__main__':
   ping()
   addNamespace('b01s')

当我从命令行python test.py运行时,我在日志文件中得到预期的输出:

08/16/2017 11:25:52 AM [test.py:16 - ping]INFO Duration completed
08/16/2017 11:25:52 AM [test.py:17 - ping]INFO PING 192.168.121.1 (192.168.121.1) from 192.168.121.75 enp5s0: 56(84) bytes of data.
64 bytes from 192.168.121.1: icmp_seq=1 ttl=255 time=0.316 ms
64 bytes from 192.168.121.1: icmp_seq=2 ttl=255 time=0.256 ms
64 bytes from 192.168.121.1: icmp_seq=3 ttl=255 time=0.276 ms
64 bytes from 192.168.121.1: icmp_seq=4 ttl=255 time=0.261 ms
64 bytes from 192.168.121.1: icmp_seq=5 ttl=255 time=0.276 ms
64 bytes from 192.168.121.1: icmp_seq=6 ttl=255 time=0.278 ms
64 bytes from 192.168.121.1: icmp_seq=7 ttl=255 time=0.366 ms
64 bytes from 192.168.121.1: icmp_seq=8 ttl=255 time=0.278 ms
64 bytes from 192.168.121.1: icmp_seq=9 ttl=255 time=0.306 ms
64 bytes from 192.168.121.1: icmp_seq=10 ttl=255 time=0.268 ms

08/16/2017 11:25:52 AM [test.py:25 - addNamespace]INFO ip netns add b01s
08/16/2017 11:25:52 AM [test.py:28 - addNamespace]INFO Return Code:0 STDOUT/STDERR:(None, None)
08/16/2017 11:25:52 AM [test.py:29 - addNamespace]INFO ['b01s']

但是,当我通过linux上的lighttpd服务器调用相同的代码时,我得到以下内容:

08/16/2017 11:22:11 AM [test.py:21 - ping]INFO ERROR: An exception of type CalledProcessError occurred. Arguments:()
08/16/2017 11:22:11 AM [test.py:25 - addNamespace]INFO ip netns add b01s

我正在通过cgi(lighttpd)运行python脚本,在lighttpd中配置cgi:

添加modules.conf:server.modules += ( "mod_cgi" )  并在cgi.conf中:

cgi.assign    = ( ".pl"  => "/usr/bin/perl",
                                        ".py"  => "/usr/bin/python" )

                      $HTTP["url"] =~ "^/cgi-bin" {
   cgi.assign = ( ".py" => "/usr/bin/python" )

并确保日志文件归lighttpd进程所有。

我在 CentOS 7.2

上运行此功能

修改 从lighttpd运行时,用户和组不是root用户,而是lighttpd。如果我使用Popen而不是check_output从执行的命令中打印错误,我收到错误ping: socket: Operation not permitted

似乎这是一个权限错误。那么我如何授予lighttpd root权限呢?

1 个答案:

答案 0 :(得分:0)

这看起来像是一个权限问题。如果可以为您的lighttpd进程提供完全访问权限,请转到\etc\sudoers并添加第lighttpd ALL=(ALL:ALL) NOPASSWD: ALL行。这将授予lighttpd用户完全访问/权限,而不会提示输入密码。如果有效,请告诉我。