How I can save file generated by java application in folder with root access?
The straight forward way to do that is to run your application as the root user.
Another solution is to ask to the user the root password. To do that, you have to ask the "su" command of your system. Be careful, your user must have the "wheel" group. Or, you can use sudo (make sure that sudo is installed and configured for the current user).
As caarlos0 said in the comments, you can use "kdesu" or "gtksu/gksudo" if you prefer.
Of course, your application is not portable ! On windows, there's no "su", "sudo", etc.
Related
I am calling a C application (console only) from my Java application.
I am calling it with: Process proc = rt.exec("./Debug/CPP_CL --device 0");
The CPP_CL needs access to clinfo() hardware .. so the GPU hardware as its processing on the GPU's. Hence, in this case needs to run as sudo/root.
Its all working fine at the moment but only if I run the Java JAR as sudo. Currently for testing only the CPG is chmod 777 (I know bad).
What I would like to know is what’s the best way to do this ? Will the CPP run as SUDO if called by SUDO java ? Or does it need to be chmod'ed ? If so what’s the best chmod value ?
Thanks.
Running Java with root is, as you said, one possibilty, but not exactly good.
The usual chmod flags (rwx) too won´t help you.
Just call it with a sudo won´t solve anything. Usually, a password is required, and if the java program can enter it (ie. it knows the root password) ... well, then it´s the same as above again.
As said in the comments, you can add a exception to sudo, but there are some catches:
You can only specify a program/script file, but no parameter limitation. You will need a script file which calls ./Debug/CPP_CL --device 0 (better with full path) and add the batch file as exception.
Furthermore, you have to make sure that the script file can´t be modified by users (chmod of the file) and can´t be deleted (chmod of the containing directory). File modification would mean that the modifying user can put anything in it and run it as root, and deletion would let the user place another file there with this name = same effect. Given that, you can call with with sudo.
If you wnat to call it without sudo, make another script file which just calls file 1 with sudo.
Another possibility is the special chmod flag SUID on the program itself (if it is enabled/supported in your distro). But here again, you can´t limit the parameters.
About the data files: A file created by a root program will be owned by root. chmod/chown as root can change that. If you only need to read the file, default umasks will allow that on many systems (if the files are in not-only-root-directories like /root)
Answer:
https://unix.stackexchange.com/questions/18830/how-to-run-a-specific-program-as-root-without-a-password-prompt
This worked.. I was able to sudo from Java and with the above no PWD is required for that application.
I have a simple Java program that uses:
Runtime.getRuntime().exec("/usr/bin/javaws", [path for JNLP file])
to open a JNLP file using java web start.
However, I need to deal with the scenario of javaws not being installed. So I need to check to see if it is installed and, if it's not, install it. Any idea how to do either of those (or both)?
Firstly, you're assuming that the path to javaws is /usr/bin/javaws, which may not be the case.
If it were that simple, then you can check if the file exists:
File javawsFile = new File("/usr/bin/javaws");
if (! javawsFile.exists()) {
System.out.println("javaws not installed");
}
Having said that, java does not have to be installed to any particular location. Thus you can't assume it's in /usr/bin/. Many people will download the java binary zip and simply decompress it to their choice of location, and set the environment variable JAVA_HOME.
Now, you could go down the path of resolving the JAVA_HOME variable - but even then it'll only tell you if javaws is installed - or not.
If javaws is not installed, there is not really a way to install it - other than prompting the user to go off to the java website and download it.
The path you give is in *nix style. In this case it would require root access to install new applications - which isn't something you can simply manufacture.
Even if your user was already running your application as root, I would still be wary of this. It's not your responsibility to install software on your users' machines.
I am writing a java program dor Oracle EBS that needs to switch user because of specific permissions defined on an user different than applmgr.
The approach we're taking is to have a java class that will switch user on a separate session and then will list the file from a folder that the new user has access.
Any options available?
So far I could create two shell script files and then I run these shell scripts, one that will store environment variables and the other one will actually switch user and list the files.
Appreciate your help.
you could change the group permissions on the file. You could start a System.process( "su user && cat file" ); You could have the other user copy the file to you using a cronjob...
You can try having Java launch a local command on the system then as part of that command launch another program (far from being very clean, but probably would work)
Check out this Class file for examples on launching local commands:
https://github.com/SnakeDoc/RPi_SerialGPS/blob/master/src/com/vanomaly/rpi/serial/gps/util/System.java
You should be able to use setuid - I expect there is a version available directly in Java, but otherwise, it shouldn't be that hard to make your own JNI code to do that.
However, it may be simpler to run a command that switches user (using su or sudo, for example) and then runs the required Java code.
I want to create a folder on a remote EC2 instance from another EC2 Instance and then copy some data into it as well.
I tried to create folder using JSch and passing command sudo mkdir /data but the error I get is sudo: sorry, you must have a tty to run sudo.Without sudo also, I am unable to create folder. I tried to use ((ChannelExec) channel).setPty(true) and by using this I can create the folder but afterwards I am unable to copy any data and even cant ssh the EC2 Instance from commandline .(if i create folder manualy then copying data is done successfully). can someone please guide me that what should be the way to do it.Thanks
How about following example?
http://www.jcraft.com/jsch/examples/Sudo.java.html
I am not familiar with JSch. But if you have root access, you can update your sudoers configuration file to get around this. Add the following line to /etc/sudoers
Defaults:USERNAME_HERE !requiretty
Maybe someone else can elaborate on whether this is a bad idea or not, that's beyond the scope of my knowledge, but I'd love to know more?
I only use this approcah in one specific situation. We have a cronjob that backs up a cluster of remote servers via rsync, but for rsync to run successfully, it needs sudo privileges.
To get around this I did the following-
Created a user "backupuser" - On both servers local & remote
Added the following two lines to /etc/sudoers - Only needed on the server you want to grant sudo privileges to the user on. In our case, only on the remote server.
backupuser ALL = NOPASSWD: /usr/bin/rsync
DEFAULTS:backupuser !requiretty
Adding these two lines grants the user, 'backupuser' sudo privileges for rsync command without the need to enter a password and without the required tty connection.
Here's how it works-
The first line breaks down into two parts.
USER SPECIFICATION OPTION_TAG (: CONDITIONS(opt))
USER SPECIFICATION - this sets the user that these options apply(s) too.
backupuser
OPTION_TAG - the tag for the option you what to grant. In this case, the user is granted sudo privileges without having the enter a password. (see man sudoers for a list of tags available)
ALL = NOPASSWD
CONDITIONS - You also have the option to place conditions on when to grant sudo privileges. In this case, the user only has sudo privileges to run the rsync command.
: /usr/bin/rsync
The second line, overrides the default requirement of the sudo command that you need a terminal connection to run sudo (tty requirement). And it grants this privilege only to the user account 'backupuser'. (See man sudoers for the other DEFAULTS)
DEFAULTS:backupuser !requiretty
Hope this helps answer your question. I know it went on a bit of a tangent, but I wanted to give a full explanation. For more info you can also checkout man sudo
I have read this article
http://lifehacker.com/5354441/google-docs-batch-upload-eases-online-document-transfers
java -jar google-docs-upload-1.2.jar /home/kevin/uploads --recursive
now its not working it says bas command not found.
is java already installed in vps centos or i have to install it
Either you don't have java or its not available in your path. Some linux distros install java in the /opt directory. So be sure to check if that's the case with you. If so then its just a matter of updating your path if not then there are two possibilities :
1. You have root access.
2. You don't have root access.
If you do have root access then you can easily install java with your package manager, if now you can still install java as a local user. Read this to do that. You can install any version of java that you so wish, also it may be unnecessary to install JDK, just JRE might be enough for you.
Don't do the steps that need root access, just copy it somewhere in your home directory or any of the directories to which you have access. Then set the appropriate values for JAVA_HOME and your PATH. It should work then.
If you need any help in doing that feel free to ask.
Download the jar google-docs-upload-1.2.jar.
Ensure you have Java.
Use your own home- and upload-folder, not the "kevin/uploads" one.