I am new to Python although having worked with PHP for quite a long time I'm finding it a nice language to work with, basically I am trying to create a script to run on a web server running Debian that can be used to create/edit/delete virtual servers, and modify port numbers etc... more specifically I am writing this script to maintain a web server running on a Raspberry Pi as the lack of power makes visual panels like webmin a little slow (maybe a little ambitious for a first project, but I did 'Hello World' first )
The code is coming together nicely but one thing that is important is that the script needs to be run as root or using SUDO so I have the following code at the beginning of my script just after the shebang.
This is the top section of the script /usr/local/bin/pi-ws
- Code: Select all
import os, sys, colorama
from colorama import Fore
#Check if the script is being run as root or SU
if not 'SUDO_UID' in os.environ.keys():
#Let the user know that this script needs to be run as root
print (Fore.MAGENTA + "Due to the nature of this program it requires root priveliges.\nTry running 'sudo pi-ws_configure'\n")
#Ask if the user would like to quit to the terminal or attempt to run the script as root
option = raw_input (Fore.WHITE + "\t1: Run Pi-WS as root\n\t2: Quit to the terminal\n\n>> ")
if option == "1":
#Run 'sudo pi-ws'
os.system("echo sudo pi-ws")
#Exit to the terminal
I would expect that when the user inputs '1' and the script runs 'sudo pi-ws' that the user would be prompted to enter the root password, but they are not, the script just launches with sudo privileges without asking for a password, I have tried closing the terminal on my laptop and opening a new one so the sudo session is cleared, I have also tried copying the script to another server and logging in via putty using a non SU account, but both ways it still runs as root without the need for a password.
Obviously that isn't very secure does anybody know what might be causing that?