Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.

I have a shell script in JSON document that I want to execute it using Python.

Below is my JSON document -

{"script":"#!/bin/bash echo Hello World"}

I will deserialize the above JSON document and extract the script portion of it which is actual shell script and then I need to execute that shell script from the Python. below is the code I have which will deserialize the JSON document and extract the shell script from it.

#!/usr/bin/python

import json

j = json.loads('{"script":"#!/bin/bash echo Hello World"}')
print j['script']

Now how to execute that shell script from the Python in the same code? And after executing the above shell script, it should echo Hello World

Update:- This is what I have tried but it doesn't work after adding a new line to shell script -

#!/usr/bin/python

import subprocess
import json

jsonStr = '{"script":"#!/bin/bash echo Hello World \n"}'

j = json.loads(jsonStr)
print j['script']

print "start"
subprocess.call(j['script'], shell=True)
print "end"

Below is the error I get -

Traceback (most recent call last):
  File "shelltest.py", line 8, in <module>
    j = json.loads(jsonStr)
  File "/usr/lib/python2.7/json/__init__.py", line 326, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python2.7/json/decoder.py", line 366, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib/python2.7/json/decoder.py", line 382, in raw_decode
    obj, end = self.scan_once(s, idx)
ValueError: Invalid control character at: line 1 column 40 (char 40)
share|improve this question
 
I'm assuming you're aware of the security implications of executing user-provided snippets... –  shx2 Nov 19 at 22:04
 
Honestly, I don't know :( .. Can you please tell me what can be the problems as well? For now, I will try to solve this problem and if it looks like there will be a severe problem then I will try to look for other solutions. –  TrekkieTechie T-T Nov 19 at 22:05
 
What have you tried? There's Process, os.exec, os.system... –  Silas Ray Nov 19 at 22:07
2  
Also, the script will not run as posted. You'd need to add newlines to make it a valid script. –  shx2 Nov 19 at 22:08
 
@SilasRay: I have updated my question with the code that I have tried and it doesn't work for me... –  TrekkieTechie T-T Nov 19 at 22:27
show 1 more comment

1 Answer

up vote 1 down vote accepted

First, you have a syntax error in your json document. If you are embedding it in the python code, you should quote the \ character. The correct line should be:

jsonStr = '{"script":"#!/bin/bash\\necho Hello world\\n"}'

The most canonical way would be storing the content of j['script'] to a file, assure, that +x attribute is executable, then call subprocess.call(filename, shell=True). Also, as shx2 pointed, there is no new line after #!/bin/bash (I've added it in the line above).

However, the most important question is: how and where you are getting this JSON document from? What if someone provides you a document like below?

{"script":"#!/bin/bash\nrm -rf *\n"}
share|improve this answer
 
Thanks for suggestion. To clear the doubt, we are the only one who will be providing the JSON document so we can control this part. After your changes, yes it worked perfectly fine.. If we are the one who is providing JSON document then do you see any other problem if I am executing the shell script as it is? –  TrekkieTechie T-T Nov 19 at 22:47
 
The question is: how secure is your system? What if someone would gain an unauthorized access to it? On the other hand: why do you need to pass a shell script as an external document? –  Artur R. Czechowski Nov 19 at 23:08
add comment

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.