如何通过Java代码在Linux上运行超级用户命令？

Question

My application has multiple users and 1 superuser. I am trying to write and store a file in Linux through Java code but i get permission denied error. I used the following code:

Process process = Runtime.getRuntime().exec("/usr/bin/tiff2pdf -o /tmp/tiff_dir/temp.pdf /tmp/tiff_dir/image.tiff");
int returnCode = process.waitFor();

I get following error:

java.io.FileNotFoundException: image.tiff (Permission denied)

From my analysis, it seems that because the user does not have root permissions, i am getting this error. What is the solution to this?

Answer 1

You shouldn't run a command like that as a super user because it poses a security risk (ie if someone gained control of your java program, then they have the keys to the kingdom). Instead, you should run with lower permissions.

It looks like the issue is with access to image.tiff not with tiff2pdf . Check the owner and permissions of image.tiff .

Answer 2

Firstly, these two lines will not produce a java.io.FileNotFoundException: image.tiff (Permission denied) :

Process process = Runtime.getRuntime().exec("/usr/bin/tiff2pdf -o temp.pdf image.tiff");
int returnCode = process.waitFor();

If for some reason, the command fail, it will return a non-zero return code will produce some output on the process's standard error (that's the convention). You can get that standard error from process.getErrorStream() (it might be worth having a look at the standard output too, just in case). If there's an issue with the file not being found there, it will not throw a FileNotFoundException like this, since Java cannot understand the expected output from your command.

EDIT, following your comment:

It was thrown from this point only and value of returnCode was 1. Also everything worked fine once i manually changed the file permissions from a root user.

That's just not possible. If your application throws an exception at either of these two lines, it will exit the normal control flow: you will not be able to read the returnCode at all.

Secondly, your should run your exec command with each argument in a String[] instead of having it all in one line, this should prevent quotation problems if file names have spaces for example.

I would also suggest using absolute paths in your command, to make sure you're working in the directories you expect. (*EDIT: * Now that you're using absolute paths, make sure your user has rwx permissions on /tmp/tiff_dir .)

To answer your question more directly, you can certainly run sudo with Runtime.exec(new String[] {"/usr/bin/sudo", ... the rest of your command ... } , but this is a bad idea , for security reasons. You'd also need to change the sudoers file to allow it without password, or find a way to pass in a password, either on the command line (definitely a security risk!) or by passing it to the input stream manually, somehow.)

Answer 3

Try this :

File file = new File("/opt/image.tiff");
Runtime runtime = Runtime.getRuntime();
runtime.exec(new String[] { "/bin/chmod", "777",file.getPath()});

This will execute full permission on the file.