I have set up a service, and when I run it, I get the following error:
ImportError: No module named httplib2
I have httplib2 installed with pip and
my systemd ExecStart command is like this:
ExecStart=/usr/bin/python /home/orionas/Desktop/quickstart.py
The same script runs perfect from command line.
Hmm, I think you probably have installed httplib2 under your user but systemd uses another user to run the quickstart script.
Under [Service] include a line "User=" The python script will then inherit the permissions and paths of that user AFAIK.
Note: It is probably Not recommended to run a systemd service with userid the same as yours. Potential security risk. Another possible solution would be to run the python script within a [virtualenv] http://docs.python-guide.org/en/latest/dev/virtualenvs/ Many people do this and as far as I know it's the recommended practise
Related
I am trying to run my Python script as a system service. For this I have installed all necessary libraries in a virtualenv and have created the following service in /usr/lib/systemd/system:
[Unit]
Description=Desc
After=network.target
[Service]
Type=simple
User=<my-user>
Restart=on-abort
WorkingDirectory=/home/<my-user>
ExecStart=/home/<my-user>/.virtualenvs/myvenv/bin/python /home/<my-user>/workspacePython/test.py
Environment="PATH=/home/<my-user>/.virtualenvs/myvenv/bin"
[Install]
WantedBy=multi-user.target
But when I try to run it, it fails with:
Okt 07 20:45:49 fedora systemd[40808]: test.service: Failed at step EXEC spawning /home/<my-user>/.virtualenvs/myvenv/bin/python: Permission denied
The access rights for the python binary are rather permissive (777), so I am a bit confused how this comes about.
My Question is: How do I get to start the script within the virtualenv with systemd?
I had a similar issue on a service I created this morning.
Systemd does not seem to like WorkingDirectory=/home/<my-user> or absolute paths including /home in either case it will fail with the obscure "Permission denied" error.
The fix is to either replace references of "/home/" with ~ or move things outside the home path e.g /opt/<app-name>.
I have developed a Python web server using Flask, and some of the endpoints make use of the subprocess module to call different executables. On development, using the Flask debug server, everything works fine. However, when running the server along with nginx+WSGI (on the exact same machine), some subprocess calls fail.
For example, one of the tools I'm using is Microsoft's dotnet, which I installed from my user as sudo apt-get install -y aspnetcore-runtime-5.0 and is then called from Python with the subprocess module. When I run the server with python3 server.py, it works like a charm. However, when using nginx and WSGI, the subprocess call fails with an exception that says: /bin/sh: 1: dotnet: not found.
I suspect this is due to the command not being accessible to the user and group running the server. I have used this guide as a reference to deploy the app, and on the wsgi .ini file, I have set uid = javierd and gid = www-data, while on the systemd .service file I have User=javierd, Group=www-data.
I have tried to add the executables' paths to /etc/profile, but it didn't work, and I don't know any other way to fix it. I find also very surprising that this happens to some executables, but not to all, and that it happes to dotnet, for example, which is located at /usr/bin/dotnet and therefore should be accessible to every user. Any idea on how to solve this problem? Furthermore, if somebody could explain me why this is happening, I would really appreciate the effort.
Thanks a lot!
Ok, finally after having a big headache, I noticed the error, and it was really simple.
On the tutorial I linked, when creating the system service file, the following line was included: Environment="PATH=/home/myuser/myfolder/enviroment/bin".
Of course, as this was overriding the path, there was no way of executing the commands. Once I notices it I just removed that line, restarted the service, and it was fixed.
I'm running a TRAC server (tracd service) with 3 independant projects configured. Each project has an own password file in order to keep the user management independant. TRAC is started as a Windows service as described on https://trac.edgewall.org/wiki/0.11/TracStandalone
It seems that starting the TRAC server does not work if the string length of the key 'AppParameters' in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tracd\Parameters is too long. The maximum key lenght seems to be around 260 characters.
The TRAC server can be started successfully using following 'AppParameters' key:
C:\Python27\Scripts\tracd-script.py -p 80 --auth=',C:\Trac\Moisture\conf\.htpasswd,mt.com' --auth=',C:\Trac\Balances\conf\.htpasswd,mt.com' --auth=',C:\Trac\Weights\conf\.htpasswd,mt.com' C:\Trac\Moisture C:\Trac\Balances C:\Trac\Weights
The TRAC server does not start with following 'AppParameters' key:
C:\Python27\Scripts\tracd-script.py -p 80 --auth='Moisture,C:\Trac\Moisture\conf\.htpasswd,mt.com' --auth='Balances,C:\Trac\Balances\conf\.htpasswd,mt.com' --auth='Weights,C:\Trac\Weights\conf\.htpasswd,mt.com' C:\Trac\Moisture C:\Trac\Balances C:\Trac\Weights
If I add a fourth project it is not possible to start the TRAC server anymore because the string is too long. Is this problem known? Is there a workaround?
You can also shorten your command by using the -e option for specifying the Trac environment parent directory rather than explicitly listing each Environment path.
A more extensive solution:
You could run the service with nssm.
Install nssm and put it on your path. I installed using chocolatey package manager: choco install -y nssm.
Create a batch file, run_tracd.bat:
C:\Python27-x86\Scripts\tracd.exe -p 8080 env1
Run nssm install tracd:
Run nssm start tracd
You don't have to do it exactly like this. You could avoid the bat file and enter the parameters in the nssm GUI. I'm not Windows expert, but I like having the bat file because it's easier to edit. However, there may be security concerns that I'm unaware of or it may be more robust to put the parameters in the nssm GUI (you don't have to worry about accidental deletion of the bat file). The following also works for me:
I have a internal scheduler tool which runs a python script on a remote server. I am using configparser module within my script. When I run this script through the tool it gives me below error.
ImportError: No module named configparser
I don't have access to that remote server so I can't just login to server and install required module.
Is there any way through which I can install configparser module by running any installation script on remote server through the tool ( I can neither download package on remote server nor run any commands, All I can do is, running scripts through this tool.) Please let me know if you need more clarification on this.
How about you do something like this. Create a python script that calls a bash script to do what you want:
install.py:
import subprocess
script = """
source /path/to/venv/bin/activate
pip install AnyPackage
"""
subprocess.call(['sh', '-c', script])
I am assuming you are using a virtualenv. If not, I assume the account that the script-runner uses has sudo access.
Some of my Python shell scripts are newly throwing security errors under Apple OSX 10.11, El Capitan. It seems the new App Transport Security doesn't like how the scripts are calling HTTP resources in plain text, rather than using HTTPS.
Fetching http://blahblah.com
Python[5553:5648168] App Transport Security has blocked a cleartext HTTP (http://)
resource load since it is insecure. Temporary exceptions can be configured
via your app's Info.plist file.
How might I go about fixing this? There is no HTTPS resource I can call, so I'm stuck with HTTP. The advice from Apple is to make an exception in the app's info.plist file, but this is a Python script invoked from a shell script, so there is no info.plist file to be edited.
Ideas? The root problem seems to be with webkit2png, which is in Python. Its non-HTTPS requests are being blocked by ATS, and there is no info.plist to modify.
I found a solution here that worked for me: https://apple.stackexchange.com/questions/210588/how-does-one-configure-a-temporary-exception-to-ats-on-el-capitan-and-fix-webkit
First make sure you have a version of webkit2png that is new enough to have the --ignore-ssl-check option. Version 0.5 does NOT have this option.
Second, you need to edit the source file and add a couple lines of code as shown here: https://github.com/bendalton/webkit2png/commit/9a96ac8977c386a84edb674ca1518e90452cee88
Finally use option as indicated in the solution linked above (copied here for convenience):
webkit2png --ignore-ssl-check [options] [http://example/]
Thanks for Arthur Hebert
At first I'm confused for the code then I figure it out
so I summarise the steps as follows for reference
import AppKit
Add the following code in your py script
AppKit.NSBundle.mainBundle().infoDictionary()['NSAppTransportSecurity'] = dict(NSAllowsArbitraryLoads = True)
Assume you are sure to use no HTTPS resource in MAC OSX higher than 10.11
The installation of webkit2png is not necessary in my case