• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
UBports Robot Logo UBports Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

Get an app to manage SSH, grant permission to use `/bin/sh`

Scheduled Pinned Locked Moved App Development
2 Posts 2 Posters 283 Views 1 Watching
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      amazones
      last edited by 1 Jul 2023, 11:50

      How can I start and stop SSH in my clickable app? I'm using Python+QML, and I want to simply execute /etc/init.d/ssh start in shell, but I get the following error:

      Jul 01 12:47:53 ubuntu-phablet aa-exec[7215]: PermissionError: [Errno 13] Permission denied: '/bin/sh'
      

      How can I give my app access to the /bin/sh? Should I give it some special apparmor permission? I tried to add "template": "unconfined" to my apparmor file, but it doesn't let me do that and dies on me during build:

      Errors
      ------
       - security:template_valid:sshhelper.apparmor
              (NEEDS REVIEW) 'unconfined' not allowed
              http://askubuntu.com/q/671403
      

      Here's my app code, it's just straight up Python template with simple function to call shell commands:

      ## ssh.py
      import subprocess
      def execute_shell_command(command):
          process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
          output, error = process.communicate()
          return output.decode('utf-8'), error.decode('utf-8'), process.returncode
      
      // main.qml
      import QtQuick 2.7
      import Lomiri.Components 1.3
      import QtQuick.Layouts 1.3
      import Qt.labs.settings 1.0
      import io.thp.pyotherside 1.4
      
      MainView {
          id: root
          objectName: 'mainView'
          applicationName: 'test'
          automaticOrientation: true
      
          width: units.gu(45)
          height: units.gu(75)
      
          Page {
              anchors.fill: parent
      
              header: PageHeader {
                  id: header
                  title: i18n.tr('SSH Helper')
              }
      
              Label {
                  anchors {
                      top: header.bottom
                      left: parent.left
                      right: parent.right
                      bottom: parent.bottom
                  }
                  text: i18n.tr('Check the logs!')
      
                  verticalAlignment: Label.AlignVCenter
                  horizontalAlignment: Label.AlignHCenter
              }
          }
      
          Python {
              id: python
      
              Component.onCompleted: {
                  addImportPath(Qt.resolvedUrl('../src/'));
      
                  importModule('ssh', function() {
                      console.log('module imported');
                      python.call('ssh.execute_shell_command', ['/etc/init.d/ssh start'], function(returnValue) {
                          console.log('the command returned ' + returnValue);
                      })
                  });
              }
      
              onError: {
                  console.log('python error: ' + traceback);
              }
          }
      }
      
      
      
      1 Reply Last reply Reply Quote 0
      • L Offline
        lkroll
        last edited by 1 Jul 2023, 22:23

        To spawn a shell the app needs to be unconfined afaik.
        You can accept the error by adding --accept-review-errors to your clickable command and see if it works.

        Keep in mind that unconfined apps need to be reviewed before they can be submitted to the OpenStore.

        1 Reply Last reply Reply Quote 0
        2 out of 2
        • First post
          2/2
          Last post