0

First I created a new group tcpdumpers, added current user to that group, and then I edited /etc/sudoers according to the top answer of this link: Running commands from within python that need root access

import os
os.system("% sudo tcpdump")
os.system("cd /var/www/tbg/media/uploads/")
os.system("mkdir " + str(request.user.id))
os.system("cat .htaccess")

os.system("chown www-data:www-data .htaccess")
myfile = open(".htaccess", "a")

This yields the error Permission denied: .htaccess

This is Apache within Django, so request.user.id is the user object ID in Django.

I also used the touch command instead of cat which yielded identical results. It seems that Python has no rights at all no matter what I do.

EDIT: I'd like to point out that no directory is created either with the mkdir command. So the problem starts there, not with .htaccess. It doesn't even exist.

Community
  • 1
  • 1
KSHMR
  • 741
  • 1
  • 9
  • 24
  • I started writing a long answer to this question, but then I realized you are fractally wrong: even if I fix the misunderstandings about system calls, user groups, sudo, what tcpdump means in that linked question, etc, it's still not obvious what you are trying to do and why. You seem to want to create a .htaccess file owned by `www-data` inside a media/uploads/ directory. Why would you do this at all? – Daniel Roseman Jun 19 '14 at 15:36
  • Because later in the code I'm going to write to this .htaccess and restrict access to the registered user only. – KSHMR Jun 19 '14 at 15:51
  • OK, and how are you going to get Apache to recognise the user who is logged in via Django? – Daniel Roseman Jun 19 '14 at 16:02
  • My code is ugly -- I create duplicates via Python's open() function, that is, the Django code creates an identical Apache user manually. I know this is absolutely horrible, but I'm a newbie at Apache and don't know what else to do. What I would like to do is restrict a directory (and all its subdirectories) to a single user. Do you know how to do that? Thanks for your patience. – KSHMR Jun 19 '14 at 16:06
  • This is why this question is a prime example of the [XY Problem](http://meta.stackexchange.com/questions/66377/what-is-the-xy-problem). There is already a well-recognised solution to this problem: use X-SendFile. There is even a [django-sendfile](https://github.com/johnsensible/django-sendfile) project to wrap this up in a library. – Daniel Roseman Jun 19 '14 at 17:40
  • This is precisely what I needed! What a convenient way. I apologize, I definitely seem to have fallen ino the pit of the XY problem. Thank you for your help, I'll try to make my questions more precise in the future. – KSHMR Jun 20 '14 at 09:35
  • One last question, though - will Apache serve the files sent through this library? – KSHMR Jun 20 '14 at 09:56

0 Answers0