[英]How to run superuser commands on Linux through Java code?
My application has multiple users and 1 superuser. 我的应用程序有多个用户和1个超级用户。 I am trying to write and store a file in Linux through Java code but i get permission denied error.
我试图通过Java代码在Linux中编写和存储文件但我得到权限被拒绝错误。 I used the following code:
我使用了以下代码:
Process process = Runtime.getRuntime().exec("/usr/bin/tiff2pdf -o /tmp/tiff_dir/temp.pdf /tmp/tiff_dir/image.tiff");
int returnCode = process.waitFor();
I get following error: 我收到以下错误:
java.io.FileNotFoundException: image.tiff (Permission denied)
From my analysis, it seems that because the user does not have root permissions, i am getting this error. 根据我的分析,似乎因为用户没有root权限,我收到此错误。 What is the solution to this?
这是什么解决方案?
You shouldn't run a command like that as a super user because it poses a security risk (ie if someone gained control of your java program, then they have the keys to the kingdom). 你不应该像超级用户一样运行这样的命令,因为它会带来安全风险(即如果某人获得了对你的java程序的控制权,那么他们就拥有了王国的钥匙)。 Instead, you should run with lower permissions.
相反,您应该以较低的权限运行。
It looks like the issue is with access to image.tiff
not with tiff2pdf
. 看起来问题是访问
image.tiff
而不是tiff2pdf
。 Check the owner and permissions of image.tiff
. 检查
image.tiff
的所有者和权限。
Firstly, these two lines will not produce a java.io.FileNotFoundException: image.tiff (Permission denied)
: 首先,这两行不会产生
java.io.FileNotFoundException: image.tiff (Permission denied)
:
Process process = Runtime.getRuntime().exec("/usr/bin/tiff2pdf -o temp.pdf image.tiff");
int returnCode = process.waitFor();
If for some reason, the command fail, it will return a non-zero return code will produce some output on the process's standard error (that's the convention). 如果由于某种原因,命令失败,它将返回非零返回码,将在进程的标准错误上产生一些输出(这是约定)。 You can get that standard error from
process.getErrorStream()
(it might be worth having a look at the standard output too, just in case). 你可以从
process.getErrorStream()
获得那个标准错误process.getErrorStream()
为了以防万一,也可能值得看看标准输出)。 If there's an issue with the file not being found there, it will not throw a FileNotFoundException
like this, since Java cannot understand the expected output from your command. 如果在那里找不到文件的问题,它将不会抛出这样的
FileNotFoundException
,因为Java无法理解命令的预期输出。
EDIT, following your comment: 编辑,跟随你的评论:
It was thrown from this point only and value of returnCode was 1. Also everything worked fine once i manually changed the file permissions from a root user.
它仅从这一点抛出,returnCode的值为1.一旦我手动更改root用户的文件权限,一切正常。
That's just not possible. 那是不可能的。 If your application throws an exception at either of these two lines, it will exit the normal control flow: you will not be able to read the
returnCode
at all. 如果您的应用程序在这两行中的任何一行引发异常,它将退出正常的控制流:您根本无法读取
returnCode
。
Secondly, your should run your exec
command with each argument in a String[]
instead of having it all in one line, this should prevent quotation problems if file names have spaces for example. 其次,你应该使用
String[]
中的每个参数运行你的exec
命令,而不是将它全部放在一行中,如果文件名有空格,这应该可以防止引用问题。
I would also suggest using absolute paths in your command, to make sure you're working in the directories you expect. 我还建议在命令中使用绝对路径,以确保您在所期望的目录中工作。 (*EDIT: * Now that you're using absolute paths, make sure your user has rwx permissions on
/tmp/tiff_dir
.) (*编辑:*现在您正在使用绝对路径,请确保您的用户对
/tmp/tiff_dir
具有rwx权限。)
To answer your question more directly, you can certainly run sudo
with Runtime.exec(new String[] {"/usr/bin/sudo", ... the rest of your command ... }
, but this is a bad idea , for security reasons. You'd also need to change the sudoers
file to allow it without password, or find a way to pass in a password, either on the command line (definitely a security risk!) or by passing it to the input stream manually, somehow.) 为了更直接地回答你的问题,你当然可以使用
Runtime.exec(new String[] {"/usr/bin/sudo", ... the rest of your command ... }
运行sudo
Runtime.exec(new String[] {"/usr/bin/sudo", ... the rest of your command ... }
,但这是一个坏主意 ,出于安全原因。您还需要更改sudoers
文件以允许它没有密码,或者在命令行上找到传递密码的方法(绝对有安全风险!)或将其传递给输入以某种方式手动流。)
Try this : 尝试这个 :
File file = new File("/opt/image.tiff");
Runtime runtime = Runtime.getRuntime();
runtime.exec(new String[] { "/bin/chmod", "777",file.getPath()});
This will execute full permission on the file. 这将对文件执行完全权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.