UBports Robot Logo UBports Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Get an app to manage SSH, grant permission to use `/bin/sh`

    Scheduled Pinned Locked Moved App Development
    2 Posts 2 Posters 510 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
      Reply
      • Reply as topic
      Log in to reply
      This topic has been deleted. Only users with topic management privileges can see it.
      • A Offline
        amazones
        last edited by

        How can I start and stop SSH in my clickable app? I'm using Python+QML, and I want to simply execute /etc/init.d/ssh start in shell, but I get the following error:

        Jul 01 12:47:53 ubuntu-phablet aa-exec[7215]: PermissionError: [Errno 13] Permission denied: '/bin/sh'

        How can I give my app access to the /bin/sh? Should I give it some special apparmor permission? I tried to add "template": "unconfined" to my apparmor file, but it doesn't let me do that and dies on me during build:

        Errors
------
 - security:template_valid:sshhelper.apparmor
        (NEEDS REVIEW) 'unconfined' not allowed
        http://askubuntu.com/q/671403

        Here's my app code, it's just straight up Python template with simple function to call shell commands:

        ## ssh.py
import subprocess
def execute_shell_command(command):
    process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    output, error = process.communicate()
    return output.decode('utf-8'), error.decode('utf-8'), process.returncode

        // main.qml
import QtQuick 2.7
import Lomiri.Components 1.3
import QtQuick.Layouts 1.3
import Qt.labs.settings 1.0
import io.thp.pyotherside 1.4

MainView {
    id: root
    objectName: 'mainView'
    applicationName: 'test'
    automaticOrientation: true

    width: units.gu(45)
    height: units.gu(75)

    Page {
        anchors.fill: parent

        header: PageHeader {
            id: header
            title: i18n.tr('SSH Helper')
        }

        Label {
            anchors {
                top: header.bottom
                left: parent.left
                right: parent.right
                bottom: parent.bottom
            }
            text: i18n.tr('Check the logs!')

            verticalAlignment: Label.AlignVCenter
            horizontalAlignment: Label.AlignHCenter
        }
    }

    Python {
        id: python

        Component.onCompleted: {
            addImportPath(Qt.resolvedUrl('../src/'));

            importModule('ssh', function() {
                console.log('module imported');
                python.call('ssh.execute_shell_command', ['/etc/init.d/ssh start'], function(returnValue) {
                    console.log('the command returned ' + returnValue);
                })
            });
        }

        onError: {
            console.log('python error: ' + traceback);
        }
    }
}
        1 Reply Last reply Reply Quote 0
        • L Offline
          lkroll
          last edited by

          To spawn a shell the app needs to be unconfined afaik.
          You can accept the error by adding --accept-review-errors to your clickable command and see if it works.

          Keep in mind that unconfined apps need to be reviewed before they can be submitted to the OpenStore.

          1 Reply Last reply Reply Quote 0

          Hello! It looks like you're interested in this conversation, but you don't have an account yet.

          Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

          With your input, this post could be even better 💗

          Register Login
          • First post
            Last post