1. 首页
  2. 问答
  3. Python子进程AWS凭证shell脚本导致目录错误

Python子进程AWS凭证shell脚本导致目录错误

2017-06-21 71 views
0

我必须运行以下命令才能获得在EC2中运行我的Python脚本所需的所有“凭据”。所以我决定使用子流程来简化这个过程。Python子进程AWS凭证shell脚本导致目录错误

subprocess.call(["export instance_profile=`curl 
http://169.254.169.254/latest/meta-data/iam/security-credentials", 
"export AWS_ACCESS_KEY_ID=`curl http://169.254.169.254/latest/meta- 
data/iam/security-credentials/${instance_profile} | grep AccessKeyId 
| cut -d':' -f2 | sed 's/[^0-9A-Z]*//g'`", 
"export AWS_SECRET_ACCESS_KEY=`curl 
http://169.254.169.254/latest/meta-data/iam/security- 
credentials/${instance_profile} | grep SecretAccessKey | cut -d':' - 
f2 | sed 's/[^0-9A-Za-z/+=]*//g'`", 
"export AWS_SECURITY_TOKEN=`curl http://169.254.169.254/latest/meta- 
data/iam/security-credentials/${instance_profile} | grep Token | cut 
-d':' -f2 | sed 's/[^0-9A-Za-z/+=]*//g'`", 
"export http_proxy=proxy.xxx.xxxxxxxxx.com:8099", 
"export https_proxy=${http_proxy}"])

,我得到了一个错误:

File "funtest.py", line 25, in <module> 
"export https_proxy=${http_proxy}"]) 
File "/usr/lib64/python2.7/subprocess.py", line 524, in call 
return Popen(*popenargs, **kwargs).wait() 
File "/usr/lib64/python2.7/subprocess.py", line 711, in __init__ 
errread, errwrite) 
File "/usr/lib64/python2.7/subprocess.py", line 1327, in 
_execute_child 
raise child_exception 
OSError: [Errno 2] No such file or directory

我是新来bash和如果我的错误一些小事子所以请原谅我。我试过运行python ./script.py但我有同样的错误。我想为此使用子进程,因为它应该是最安全的方式。一些指导将非常感激。

来源

2017-06-21 feynmanium

回答

0

subprocess.call的第一个参数必须是程序或可执行文件。在你的情况下,它不是。看起来你想在shell中执行调用,所以设置这个参数shell=True。注意:使用shell=True是一种安全隐患。

Warning Executing shell commands that incorporate unsanitized input from an untrusted source makes a program vulnerable to shell injection, a serious security flaw which can result in arbitrary command execution. For this reason, the use of shell=True is strongly discouraged in cases where the command string is constructed from external input.

subprocess.call(["export instance_profile=`curl http://169.254.169.254/latest/meta-data/iam/security-credentials`", 
"export AWS_ACCESS_KEY_ID=`curl http://169.254.169.254/latest/meta- data/iam/security-credentials/${instance_profile} | grep AccessKeyId | cut -d':' -f2 | sed 's/[^0-9A-Z]*//g'`", 
"export AWS_SECRET_ACCESS_KEY=`curl http://169.254.169.254/latest/meta-data/iam/security- credentials/${instance_profile} | grep SecretAccessKey | cut -d':' - f2 | sed 's/[^0-9A-Za-z/+=]*//g'`", 
"export AWS_SECURITY_TOKEN=`curl http://169.254.169.254/latest/meta-data/iam/security-credentials/${instance_profile} | grep Token | cut -d':' -f2 | sed 's/[^0-9A-Za-z/+=]*//g'`", 
"export http_proxy=proxy.xxx.xxxxxxxxx.com:8099", 
"export https_proxy=${http_proxy}"], shell=True)

来源

2017-06-21 22:02:52 helloV

相关问题

 相关问题