Mobil Mewah

Salah satu sumber Inspirasi.

Mobil Sport terbaik

Anda pasti bisa memilikinya.

Bermain dengan pesawat

Salah satu ide yang gila, Balapan di udara.

Bermain di angkasa

Apakah ini salah satu Goals dalam hidup anda? anda pasti bisa mencapainya

Sunday, 26 June 2016

Restrict user command using SUDO in Linux

Restrict user to run a specific command as root
Linux Security Police : Sudo
In Linux world we can restrict a user to run a specific command that need to be root privileges. Just use sudo and give sudo permission to user. But wait, that will give a super user privileges to the given user. They can do any Root user do, reboot, shutdown, rm -Rf /*  . Oh my, so what can we do.

In sudo still we can permit a user to run a specific command as a root level user, without giving all the root access privileges. In the Sudo documentation, it stated there but need more understanding as i do when go to the documentation.

So here my aim to just target the specific need to restrict a user run a specific command that need root privileges without giving all the root level privileges. So lets start with the use case.

I need a user  account that can execute a program that can start a service. User cannot restart other services than we specified. Let say the service is vpnconnect.sh , located in /usr/sbin . user just run sudo vpnconnect.sh restart to restart the service.

So we use visudo to edit the sudo files for safety and auto checking for errors when saving the file. Here are the step :


  1. Add a command alias in the sudo file using visudo.

    Cmnd_Alias VPNC = /usr/sbin/vpnconnect.sh
  2. Add the usergroup to allow run the command

    %support   ALL = (ALL)  VPNC
  3. Create a group called support

    #groupadd support
  4. Create a username and add it to the group.

    #useradd superman -g support
    #passwd superman
  5. Thats it!
So now you have create a user with username superman. try login using SSH and then execute the command.

#sudo /usr/sbin/vpnconnect.sh restart

It will prompt for password to able to run it. If you try it with other user which not yet registered on the support group, it will fail.

So thats all. Normal user will not able to run command that need superuser account level like reboot, restart , restart and stop a service. 

Hope this helps.


Thursday, 9 June 2016

Rest API with Django REST framework

Rest API with Django REST framework
When working with REST Api in your own application, you want to create a REST api which is follow the web standard of REST. In python , especially Django Worl, you can use Django REST framework. It support the REST Method , GET, POST, PUT, DELETE and handle it for you in the back ground.

So with this blog post, i want to have a post about my experience on working with Django REST framework. I never use it until my requirement for application goes to Mobile app, which surely the front end can be build using any hybrid method using javascript library/frameworks available, and in the back end, Python + Django still my super hero.

OK lets start, the Views in Django will be the same with Views in Django REST framework. And also the model will still be the same. We will reuse the model we already have. So the flow of creating a REST api in Django REST framework are :

1. Create Model
2. Create Serializer for the model
3. Create view for the model
4. Assign to the url.py of django

With this you will get the API browseable UI with only the above effort for you to test the API.

Step1. The models.py

from django.db import models

class Sms(models.Model):
    created = models.DateTimeField(auto_now_add=True)
    message = models.CharField(max_length=100, blank=True, default='')
    phone = models.TextField()
   
    class Meta:
        ordering = ('created',)


Step 2. the serializers.py

from rest_framework import serializers
from sms.models import Sms


class SmsSerializer(serializers.Serializer):

      model = Sms
        fields = ('id','created','message','phone')


Step 3. The view.py

from rest_framework import status
from rest_framework.decorators import api_view
from rest_framework.response import Response
from sms.models import Sms
from sms.serializers import SmsSerializer


@api_view(['GET', 'POST'])
def sms_list(request):
    """
    List all sms, or create a new sms
    """
    if request.method == 'GET':
        sms = Sms.objects.all()
        serializer = SmsSerializer(sms, many=True)
        return Response(serializer.data)

    elif request.method == 'POST':
        serializer = SmsSerializer(data=request.data)
        if serializer.is_valid():
            serializer.save()
            return Response(serializer.data, status=status.HTTP_201_CREATED)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)


@api_view(['GET', 'PUT', 'DELETE'])
def sms_detail(request, pk):
    """
    Retrieve, update or delete a sms instance.
    """
    try:
        sms = Sms.objects.get(pk=pk)
    except Sms.DoesNotExist:
        return Response(status=status.HTTP_404_NOT_FOUND)

    if request.method == 'GET':
        serializer = SmsSerializer(sms)
        return Response(serializer.data)

    elif request.method == 'PUT':
        serializer = SmsSerializer(sms, data=request.data)
        if serializer.is_valid():
            serializer.save()
            return Response(serializer.data)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    elif request.method == 'DELETE':
        sms.delete()
        return Response(status=status.HTTP_204_NO_CONTENT)



step 4. The url.py :

from django.conf.urls import url
from rest_framework.urlpatterns import format_suffix_patterns
from sms import views

urlpatterns = [
    url(r'^sms/$', views.sms_list),
    url(r'^sms/(?P[0-9]+)$', views.sms_detail),
]

urlpatterns = format_suffix_patterns(urlpatterns)

So the above step is how to create an api with your way, and full control on the views method you do before return the data to the rest api users.

There are another way to reduce your typing with Django REST framework, and i will post in on another blogpost.

So here it is, Django REST frameork.

Tuesday, 7 June 2016

updgrade Django-1.7.11 to 1.8.13

After upgrade my django to 1.7.11 , now the next version is 1.8.13.

So as usual i create a new virtualenv, with django-1.8.13 as the requirement, install the env with pip install.

The application affected which i use some are documented here.


  1. Error on django-compressor-1.6 library.
    I try upgrade to django-compressor-2.0 and it fixed.
  2. Django complain about south database module 'south.db.postgresql_psycopg2'. The warning tell to just remove south or using other supported database in south on SOUTH_DATABASE_ADAPTER settings.
    As Django have the build in migration, i will remove south package from my installation settings, and also remove the package in my virtualenv, so the warning message go away.
  3. Warning on appconf modules. we use django-appconf-0.6 which required by django-compressor.
    The latest version is 1.0.1 , and after upgrade the warning is gone.
  4. Django nose errors when running test. Need upgrade from django-nose-1.2 to django-nose-1.4.3
  5. Test using py.test got error because django test need using database access.
    Upgrade the pytest-django-2.7.0 to pytest-django-2.9.0 will make test work again.


Thats all what i found when upgrading my django-1.7.11 to django-1.8.13 latest version.

Next will try to django-1.9.7 the latest version as now.

Hope this post help you Djangoers.


Twitter Delicious Facebook Digg Stumbleupon Favorites More