peterstockings/DokkuStatus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add server shell access

Browse Source
This commit is contained in:
Peter Stockings
2025-12-24 11:11:53 +11:00
parent 4f34696c72
commit e5d650c8a4
1 changed files with 15 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
app.py
View File

@@ -538,13 +538,22 @@ def api_terminal_exec():
return jsonify({"error": "No command provided"}), 400 return jsonify({"error": "No command provided"}), 400
try: try:
# Use shell execution via sh() # HOST ESCAPE: execute command on the host by mounting host / and using chroot
# sh() uses subprocess.check_output with shell=False by default (list of strings) # We use a tiny alpine container to bridge to the host.
# However, to support pipe/redirection for the user, we should allow shell=True-like behavior # This requires the flask container to have docker socket access (which it does).
# Let's wrap it in ['sh', '-c', command] host_cmd = [
output = sh(["sh", "-c", command]) DOCKER, "run", "--rm",
"-v", "/:/host",
"alpine", "chroot", "/host", "sh", "-c", command
]
output = sh(host_cmd)
return jsonify({"output": output, "status": "success"}) return jsonify({"output": output, "status": "success"})
except subprocess.CalledProcessError as e: except subprocess.CalledProcessError as e:
return jsonify({"output": e.output or str(e), "error": True, "status": "error"}) # Cast output to string as it might be bytes
out = e.output
if hasattr(out, "decode"):
out = out.decode("utf-8", errors="replace")
return jsonify({"output": out or str(e), "error": True, "status": "error"})
except Exception as e: except Exception as e:
return jsonify({"output": str(e), "error": True, "status": "error"}) return jsonify({"output": str(e), "error": True, "status": "error"})