subprocess pipe

Discussion in 'Python' started by Camille Harang, Nov 14, 2010.

  1. Hi all,

    I'm having a problem with subprocess.Popen. It seems that its unable to
    capture the pg_dump's standard inputs & outputs in a non-shell mode:

    from subprocess import Popen, PIPE

    # fire pg_dump in order to read data from the file object pgsql.stdout
    pgsql = Popen(['/usr/bin/pg_dump',
    '--host', 'localhost',
    '--password',
    '--username',
    'mammique'],
    stdin=PIPE,
    stderr=PIPE,
    stdout=PIPE,
    shell=True)

    # pg_dump prompts for password so I inject it in stdin.
    pgsql.stdin.write('MY_PASSWORD' + '\n')

    In the shell mode (shell=True) pipes works but the args (username, etc.)
    are omitted. If I turn to shell=False the arguments are passed to
    pg_dump but subprocess.Popen is no longer able to capture the standard
    inputs & outputs, the password prompt appears on the TTY instead and
    doesn't take the input written in stdin. It seems that subprocess.Popen
    has only this problem with pg_dump, other interactive command lines
    seems to be correctly handled.

    Any lead?

    Thanks,

    Camille.
     
    Camille Harang, Nov 14, 2010
    #1
    1. Advertising

  2. Camille Harang

    Tim Harig Guest

    On 2010-11-14, Camille Harang <> wrote:
    > # pg_dump prompts for password so I inject it in stdin.
    > pgsql.stdin.write('MY_PASSWORD' + '\n')


    For security reasons, some programs use direct access to the TTY system
    for password entry rather then reading from stdin. Most of these programs
    provide another access mechanism that can be used for authentication
    (ie public keys or storing the password in a permission restricted
    configuration file.
     
    Tim Harig, Nov 14, 2010
    #2
    1. Advertising

  3. Camille Harang

    Tim Harig Guest

    On 2010-11-14, Tim Harig <> wrote:
    > On 2010-11-14, Camille Harang <> wrote:
    >> # pg_dump prompts for password so I inject it in stdin.
    >> pgsql.stdin.write('MY_PASSWORD' + '\n')

    >
    > For security reasons, some programs use direct access to the TTY system
    > for password entry rather then reading from stdin. Most of these programs
    > provide another access mechanism that can be used for authentication
    > (ie public keys or storing the password in a permission restricted
    > configuration file.[) for scripts.


    ..pgpass ?
     
    Tim Harig, Nov 14, 2010
    #3
  4. Tim Harig a écrit :
    > On 2010-11-14, Camille Harang <> wrote:
    >> # pg_dump prompts for password so I inject it in stdin.
    >> pgsql.stdin.write('MY_PASSWORD' + '\n')

    >
    > For security reasons, some programs use direct access to the TTY system
    > for password entry rather then reading from stdin. Most of these programs
    > provide another access mechanism that can be used for authentication
    > (ie public keys or storing the password in a permission restricted
    > configuration file.


    Ha, indeed, I suspected that pg_dump didn't behave normally, security
    matters might be an explanation, I'll dig in that way, thanks a lot.

    Regards,

    Camille.
     
    Camille Harang, Nov 14, 2010
    #4
  5. Tim Harig a écrit :
    > On 2010-11-14, Camille Harang <> wrote:
    >> # pg_dump prompts for password so I inject it in stdin.
    >> pgsql.stdin.write('MY_PASSWORD' + '\n')

    >
    > For security reasons, some programs use direct access to the TTY system
    > for password entry rather then reading from stdin. Most of these programs
    > provide another access mechanism that can be used for authentication
    > (ie public keys or storing the password in a permission restricted
    > configuration file.


    Ha, indeed, I suspected that pg_dump didn't behave normally, security
    matters might be an explanation, I'll dig in that way, thanks a lot.

    Regards,

    Camille.
     
    Camille Harang, Nov 14, 2010
    #5
  6. Tim Harig a écrit :
    > On 2010-11-14, Camille Harang <> wrote:
    >> # pg_dump prompts for password so I inject it in stdin.
    >> pgsql.stdin.write('MY_PASSWORD' + '\n')

    >
    > For security reasons, some programs use direct access to the TTY system
    > for password entry rather then reading from stdin. Most of these programs
    > provide another access mechanism that can be used for authentication
    > (ie public keys or storing the password in a permission restricted
    > configuration file.


    Ha, indeed, I suspected that pg_dump didn't behave normally, security
    matters might be an explanation, I'll dig in that way, thanks a lot.

    Regards,

    Camille.
     
    Camille Harang, Nov 14, 2010
    #6
  7. Camille Harang

    Nobody Guest

    On Sun, 14 Nov 2010 19:47:55 +0000, Tim Harig wrote:

    > On 2010-11-14, Camille Harang <> wrote:
    >> # pg_dump prompts for password so I inject it in stdin.
    >> pgsql.stdin.write('MY_PASSWORD' + '\n')

    >
    > For security reasons, some programs use direct access to the TTY system
    > for password entry rather then reading from stdin.


    Indeed, the getpass() function exists[1] for this purpose:

    The getpass() function opens /dev/tty (the controlling terminal of the
    process), outputs the string prompt, turns off echoing, reads one line
    (the "password"), restores the terminal state and closes /dev/tty
    again.

    [1] Or existed. It was dropped from the Unix standard in POSIX.1-2001, but
    most systems still provide it.
     
    Nobody, Nov 15, 2010
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. lee, wonsun
    Replies:
    1
    Views:
    498
    Jack Klein
    Nov 2, 2004
  2. Tom Brown
    Replies:
    0
    Views:
    470
    Tom Brown
    Sep 22, 2005
  3. 7stud

    subprocess -- broken pipe error

    7stud, Jul 2, 2007, in forum: Python
    Replies:
    11
    Views:
    1,227
    Steve Holden
    Jul 2, 2007
  4. Rafael Giannetti Viotti

    Subprocess and pipe-fork-exec primitive

    Rafael Giannetti Viotti, Jul 30, 2007, in forum: Python
    Replies:
    2
    Views:
    3,031
    Rafael V.
    Aug 1, 2007
  5. Replies:
    1
    Views:
    237
    Ben Morrow
    Jun 2, 2004
Loading...

Share This Page