1. 首頁
  2. 問答
  3. Python子進程AWS憑證shell腳本導致目錄錯誤

Python子進程AWS憑證shell腳本導致目錄錯誤

2017-06-21 93 views
0

我必須運行以下命令才能獲得在EC2中運行我的Python腳本所需的所有「憑據」。所以我決定使用子流程來簡化這個過程。Python子進程AWS憑證shell腳本導致目錄錯誤

subprocess.call(["export instance_profile=`curl 
http://169.254.169.254/latest/meta-data/iam/security-credentials", 
"export AWS_ACCESS_KEY_ID=`curl http://169.254.169.254/latest/meta- 
data/iam/security-credentials/${instance_profile} | grep AccessKeyId 
| cut -d':' -f2 | sed 's/[^0-9A-Z]*//g'`", 
"export AWS_SECRET_ACCESS_KEY=`curl 
http://169.254.169.254/latest/meta-data/iam/security- 
credentials/${instance_profile} | grep SecretAccessKey | cut -d':' - 
f2 | sed 's/[^0-9A-Za-z/+=]*//g'`", 
"export AWS_SECURITY_TOKEN=`curl http://169.254.169.254/latest/meta- 
data/iam/security-credentials/${instance_profile} | grep Token | cut 
-d':' -f2 | sed 's/[^0-9A-Za-z/+=]*//g'`", 
"export http_proxy=proxy.xxx.xxxxxxxxx.com:8099", 
"export https_proxy=${http_proxy}"])

,我得到了一個錯誤:

File "funtest.py", line 25, in <module> 
"export https_proxy=${http_proxy}"]) 
File "/usr/lib64/python2.7/subprocess.py", line 524, in call 
return Popen(*popenargs, **kwargs).wait() 
File "/usr/lib64/python2.7/subprocess.py", line 711, in __init__ 
errread, errwrite) 
File "/usr/lib64/python2.7/subprocess.py", line 1327, in 
_execute_child 
raise child_exception 
OSError: [Errno 2] No such file or directory

我是新來bash和如果我的錯誤一些小事子所以請原諒我。我試過運行python ./script.py但我有同樣的錯誤。我想爲此使用子進程,因爲它應該是最安全的方式。一些指導將非常感激。

來源

2017-06-21 feynmanium

回答

0

subprocess.call的第一個參數必須是程序或可執行文件。在你的情況下,它不是。看起來你想在shell中執行調用,所以設置這個參數shell=True。注意:使用shell=True是一種安全隱患。

Warning Executing shell commands that incorporate unsanitized input from an untrusted source makes a program vulnerable to shell injection, a serious security flaw which can result in arbitrary command execution. For this reason, the use of shell=True is strongly discouraged in cases where the command string is constructed from external input.

subprocess.call(["export instance_profile=`curl http://169.254.169.254/latest/meta-data/iam/security-credentials`", 
"export AWS_ACCESS_KEY_ID=`curl http://169.254.169.254/latest/meta- data/iam/security-credentials/${instance_profile} | grep AccessKeyId | cut -d':' -f2 | sed 's/[^0-9A-Z]*//g'`", 
"export AWS_SECRET_ACCESS_KEY=`curl http://169.254.169.254/latest/meta-data/iam/security- credentials/${instance_profile} | grep SecretAccessKey | cut -d':' - f2 | sed 's/[^0-9A-Za-z/+=]*//g'`", 
"export AWS_SECURITY_TOKEN=`curl http://169.254.169.254/latest/meta-data/iam/security-credentials/${instance_profile} | grep Token | cut -d':' -f2 | sed 's/[^0-9A-Za-z/+=]*//g'`", 
"export http_proxy=proxy.xxx.xxxxxxxxx.com:8099", 
"export https_proxy=${http_proxy}"], shell=True)

來源

2017-06-21 22:02:52 helloV

相關問題

 相關問題