Imagemagick bullshit permissions

daniel.m.tripp · March 8, 2023, 8:59am

I LOVE imagemagick, but sometimes it goes way beyond my simple CLI and scripting knowledge with its bizarro obtuseness.

Got fed up of the inconsistencies in freaking linux just to get a simple feckin’ sceenshot!

On my main desktop - its main keyboard (and mouse) is Synergy KVM client, with the server running on MacOS ( this is not ideal - would prefer vice versa, but the server runs on my Work MacBook and the Synergy client on it HATES something about it - it’s the big brother nazi overlord software I reckon - 'cause it doesn’t happen on my personal Mac [I may yet make that the Synergy server]) - so anyway - despite using a Lenovo Thinkpad Keyboard II (bluetooth with trackPOINT ) with an actual PRT-SCRN button - it doesn’t translate over to Linux…

So I have to fire up the builtin screenshotting tool (it’s VERY cumbersome) just to take a screenshot.

Works a treat “out of the box” on Pop!OS on the actual ThinkPad with the PRT-SCRN button (between Alt and Ctrl on the right).

On the Pi? No dice EITHER way - there’s a screenshotting tool (the same gnome one on x86) but it NEVER EVER launches an interface. So I figured out (from yonks ago) I can use “import” which is part of ImageMagick to grab my desktop :

sudo apt install imagemagick (Pop!OS is a bit remiss here - Ubuntu nearly always just installs imagemagick anyway)
import -window root output.PNG

So I figure - I’m gonna plonk that into a shell script :

#!/usr/bin/env	bash
# We need imagemagick install for this qunt to work: 
# screenshitter program is "import"
NOMNOM=$(uname -n)
NOMNOM=$NOMNOM-$(date '+%Y%m%d-%H%M')
# NOMNOM-STR=$(uname -n)
# import -window root shictunt00.png
echo ScreenShit-$NOMNOM.png
OUTIE=~/ResilioSync/bigshit/Photos/Screenshots/
import -window root $OUTIE$NOMNOM

That’s nearly EXACTLY what I wrote earlier, interactively, in my shell… But would that work? NO!
On the Thinkpad (Pop 22) :

╭─x@fenriz ~/Videos  
╰─➤  ~/bin/screenio-qunto.bash 
ScreenShit-fenriz-20230308-1634.png
import-im6.q16: attempt to perform an operation not allowed by the security policy `PS' @ error/constitute.c/IsCoderAuthorized/421.

Desktop (Pop 22) :

╭─x@titan ~/bin  ‹main*› 
╰─➤  ./screenio-qunto.bash                                                                                                                                                                   1 ↵
ScreenShit-titan-20230308-1645.png
import-im6.q16: attempt to perform an operation not allowed by the security policy `PS' @ error/constitute.c/IsCoderAuthorized/421.

Pi4 (Pop 22) :

╭─x@bebhionn ~/bin  ‹main*› 
╰─➤  ./screenio-qunto.bash 
ScreenShit-bebhionn-20230308-1646.png
import-im6.q16: attempt to perform an operation not allowed by the security policy `PS' @ error/constitute.c/IsCoderAuthorized/421.

But :

╭─x@bebhionn ~/bin  ‹main*› 
╰─➤  import -window root eatmyass.png
╭─x@bebhionn ~/bin  ‹main*› 
╰─➤  ls -al eatmyass.png 
-rw-rw-r-- 1 x x 1407729 Mar  8 16:48 eatmyass.png

works perfectly (on all of the above too) and creates a screenshot! What’s going on?
What’s that security bullshit? I remember recently having to tweak some bizarro XML or JSON file to get imagemagick to write a PDF - but WHY??? If there’s security risks there - why not have one branch of imagemagick to use on servers (e.g. Apache) and another that less of a Nazi piece of crap for desktop users? All this because I’m trying to batch something? Interactive’s more secure?

Update : doesn’t like me outputting to a folder that just happens to also be a sync folder from ResilioSync - but far as Linux is concerned - that folder is JUST A FOLDER on my $HOME!!!

IPSO FACTO : IT’S JUST AN EFFING FOLDER with POSIX stuff

nevj · March 8, 2023, 10:27am

Is it because it is outputting a screenshot. ? I can understand a screenshot bring a security risk, especially if written to a synced folder… it would not know where it was going.

berninghausen · March 8, 2023, 4:07pm

I just use the screenshot option in the rightclick/context menu of Firefox 110.0.1 and the screenshot just drops into my Downloads folder.

How could this go wrong or be simpler??

easyt50 · March 8, 2023, 4:21pm

There is a Screenshot option in Mint’s menu. So easy to use!

pdecker · March 8, 2023, 11:45pm

Maybe it’s complaining about a temporary file it tries to save somewhere. If it uses a /tmp folder you should have permissions. What if it tries to use the source folder? I’m not clear on what that import command is using for the source.

daniel.m.tripp · March 9, 2023, 12:34am

Yeah - that makes complete sense, now… Had a few glasses of wine last night, my reasoning wasn’t performing at capacity…

Would be a pretty cool way to snoop on desktop users! But it’s behaviour that looks like it can be overwritten - maybe? I know there’s a workaround for a similar message about converting to PDF (tweaking a config file somewhere in /etc).

Maybe 'cause I don’t use Firefox (I have it installed but barely ever use it - 1. it’s a SNAP on Pop!Os just like on Ubuntu).
Or Mint? i.e. I DON’T use Mint. Everytime I’ve taken a look at it - I hated it and went back to Ubuntu.

Here’s what I hate about having to hunt and peck (in a menuing system) for the screenshot utility - IT TAKES TOO LONG!

The best solution - which I already know about is : press any combination of PRT-SCRN preceded by Alt, or Ctrl… I also know what they are in Mac… Shift+CMD+3 to capture ALL the screens… Shift+CMD+4 to marquee select.

Pop!OS is annoying because PRT-SCRN doesn’t just SHUTUP and take a screenshot of “all the screens” like Ubuntu would - no - it ASKS you what you want to screenshoot! WTF? Get OUT of my face and JUST take the screenshot NOW!

NONE - ZERO of ANY of these tricks work on Pop! running on my Pi4 - not even the menu option to take a screen shot (screen shot of menu item taken on a nother computer BECAUSE I CAN’T take a sceenshot with the menu item!!!) :
Screenshot from 2023-03-09 08-27-28
DOES NOTHING on Pop! on Pi4 when clicked on, NOTHING happens. I don’t care too much to troubleshoot… I can do a screenshot in Pop! on the Pi from a terminal, but by then it’s probably too late 'cause the thing I want to shoot will disappear when I go to another window… This can also happen when you have to hunt and peck in a menuing system for the screenshot utility.

found another shell script here :

gist.github.com

https://gist.github.com/sp3c73r2038/3741659

screenshot

#!/bin/bash

DIR="${HOME}/images/screenshots"
DATE="$(date +%Y%m%d-%H%M%S)"
NAME="${DIR}/screenshot-${DATE}.png"
LOG="${DIR}/screenshots.log"

# Check if the dir to store the screenshots exists, else create it:
if [ ! -d "${DIR}" ]; then mkdir -p "${DIR}"; fi

This file has been truncated. show original

and tweaked it a bit and called it shitshot.bash (in a folder on my path)

#!/usr/bin/env bash
PROG="$(basename $0)"
DIR="${HOME}/Pictures/Screenshots"
DATE="$(date +%Y%m%d-%H%M%S)"
HOHO="$(uname -n)"
NAME="${DIR}/$HOHO-screenshot-${DATE}.png"
LOG="${DIR}/screenshots.log"

# Check if the dir to store the screenshots exists, else create it:
if [ ! -d "${DIR}" ]; then mkdir -p "${DIR}"; fi

# Screenshot a selected window
if [ "$1" = "win" ]; then import -format png "${NAME}"; fi

# Screenshot the entire screen
if [ "$1" = "scr" ]; then import -format png -window root "${NAME}"; fi

# Screenshot a selected area
if [ "$1" = "area" ]; then import -format png "${NAME}"; fi

if [[ $# = 0 ]]; then
    # Display a warning if no area defined
    echo "No screenshot area has been specified. Screenshot not taken."
    echo "${DATE}: No screenshot area has been defined. Screenshot not taken." >> "${LOG}"
else
    # Save the screenshot in the directory and edit the log
    echo "${NAME}" >> "${LOG}"
fi

I might remove that logging bullshit - don’t care if or why it fails…

But it does work :

and it’s nearly POIFECT for dumping all of the screens (sorry about the cusswords, I’m lazy and can’t be arsed redacting them)

And here’s what happens if I try to run it remotely (e.g. over SSH with X tunnelling enabled) - e.g. in a terminal session from MacOS (iTerm2) :

berninghausen · March 9, 2023, 1:29am

If I found that I needed screenshots, I’d just use Firefox. It’s easier than whining.

daniel.m.tripp · March 9, 2023, 1:40am

But I enjoy whining… where’t the fun in not whining?

The easiest possible method is :

(not my finger)

But not all keyboards have that (on modern Lenovo keyboards, it’s on the right between Alt and Ctrl) - and some systems don’t recognize that. Some (like Pop!) bring up the screenshot utility. I prefer Ubuntu behaviour where pressing that button takes a screen shot of the whole desktop(s).

4dandl4 · March 9, 2023, 2:58am

Was going to compile media-gfx/imagemagick in Gentoo, but after checking for
dependencies decided to use apt-text/mupdf to open jpeg and png files.

daniel.m.tripp · March 9, 2023, 3:09am

Also - I just found this 4 year old post about Pop! :

and

CTRL+ALT+SHIFT+R

will pop up the print screen “overlay” doohickey… Which is tad more complex than the Mac equivalent (Shift+Super/CMD+5)…

nevj · March 9, 2023, 8:35am

Using imagemagik to do a screenshot is a bit like using a steam hammer to kill a mosquito
It is a giant toolkit for images. Deserves more attention

daniel.m.tripp · March 9, 2023, 8:52am

I think of it as the reverse…

Why use a steam hammer to kill a mosquito with a huge GUI binary thingie with a truckload of dependancies, when there’s something, light and tight, and ubiquitous like imagemagick?

I like a solid reliable GUI to give me the quickest and dirtiest path to having a terminal window so I can run shell / text / cli binaries (never mind ncurses)…

I use imagemagick on MacOs too…

I swear by it…

I mostly call it with “mogrify” or “convert”, but been learning about “import” just this week.

20 something years ago - you’d run “imagemagick convert et cetera” now they’ve condensed it, nicely, IMHO…

I think I posted some stuff on here 6-12 months ago about using imagemagick in a shell script to downsample, then deliberately upsample, bitmaps created in Inkscape so they looked “old school” pixelated like a 320x240 VGA game from 1990…

Bit of swearing in my scripting :

╭─x@titan ~/bin  ‹main*› 
╰─➤  cat piggzel8.bash 
#!/usr/bin/env	bash
<<'COMMENTATO'
  pixelate a image into "pixel art"...  
  will do either 5, 7 or 10 % reducto then 1000% grobow - will expect two arguments - but NO MORE ARGUING! we're gunna assume PNG in and PNG out (but input shouldn't matter, output will always be PNG - actually input other than PNG might break it)... 
  Like DIS mofo : 
           convert -scale 5% -scale 1000% thalidomide-robot-face.png thalidomide-robot-face-out.png
  Version 3 - added 4th option to do 20% if too much pixelization
COMMENTATO
# Global Variables : 
PROG=$(basename "$0")
IMAGIO="$1"
SIZIO=$2
TRIMDCUNT=$(basename "$IMAGIO" .png)
BING="/usr/bin/convert"
# set -vx
if [ "$#" -ne 2 ] ; then
        echo "Need TWO arguments:"
	echo "     e.g.  $PROG \"imagefile.png\" (1,2,3 or 4)"
	echo ""
	echo "     e.g.     $PROG factunt.png 1"
	echo "                 will downsize \"factunt\" to  5% before grobowing up to 1000%"
	echo "     e.g.     $PROG factunt.png 2"
	echo "                 will downsize \"factunt\" to  7% before grobowing up to 1000%"
	echo "     e.g.     $PROG factunt.png 3"
	echo "                 will downsize \"factunt\" to 10% before grobowing up to 1000%"
	echo "     e.g.     $PROG factunt.png 4"
	echo "                 will downsize \"factunt\" to 20% before grobowing up to 1000%"
        exit 1
fi
if [ ! -f "$IMAGIO" ] ; then
	echo "$IMAGIO doesn't exist - be more specific ya moron!"
	exit 1
fi

if [ $SIZIO -lt 1 ]  || [ $SIZIO -gt 4 ] ; then 
	echo "1 = 5%, 2 = 7%, 3 = 10%, 4 = 20% - THERE ARE NO OTHER >>ACCEPTABLE<< VALUES "
	exit 1
fi

case $SIZIO in
	1)
		REDUCTO="5"
		GROWBO="1000"
	;;
	2)
		# because sometimes 5% is too much, but 10% is not enough
		REDUCTO="7"
		GROWBO="1000"
	;;
	3)
		REDUCTO="10"
		GROWBO="1000"
	;;
	4)
		REDUCTO="20"
		GROWBO="1000"
	;;
	# anything else situation probably redundant - but not really...
	*)
		echo "not a number between 1 and 3 moron!"
		exit 1
	;;
esac	
$BING -scale $REDUCTO% -scale "$GROWBO"% "$IMAGIO" "$TRIMDCUNT"-out-"$SIZIO".png
echo "iffenya rundis again - will overrite previous output..."

e.g. this (export from Inkscape):

to this :

But then I got bored of this (was gonna do some kinda web comic about a rabbit and a phoetus - and only discovered recently, anyway - that someone had been doing that in the states since Compuserve days [i.e. late 80’s early 90’s] - one of the first ever webcomics, had a rabbit, and a phoetus).

and that script (piggzel8.bash) helped me learn about having whole blocks of comments - or comment out whole paragraphs etc…

nevj · March 9, 2023, 11:50am

fair enough. Doing it without a gui is a good reason to use imagemagick

daniel.m.tripp · March 9, 2023, 12:21pm

One day when I’m bored - I might investigate, just using the size of binaries - which solution is less efficient (the bigger the binary - AND LIBRARIES it needs, the less efficient - will probably require judicious use of ld to find those libraries).

Doing something using a desktop binary…
Accompllsh the exact same task in a terminal with a bit of CLI-fu…

Piping and STDIO : maybe there’s a way in a GUI - but is there? e.g. take GUI app one, pipe it to GUI app two, tweak it, and send it to GUI app three?
Dunno - the UNIX shell will always be more efficient. And in 30 years, there’s whole bits of it I haven’t even needed to use - like highly sophisticated regex, and “xargs” (I barely even know what that is - I’ve only used it briefly copying stuff from stackexchange, and when I still couldn’t understand it - I didn’t try that again - I don’t believe in that).

BRING ON THE BENEVOLENT DICATORSHIP OF AI : (glass nearly full)
EVEN MORE SO when AI like ChatGPT will control our lives
Bring on the singularity! Bring on the revolution!

kovacslt · March 9, 2023, 12:47pm

IF all you do to data is something that’s fully automated, or can be done that way.
The more “human work” is involved processing data, the less efficient is the bare shell, I think.
Can you imagine to draw a picture with Inkscape(-alike) program on the tty?

JACK comes to my mind, where you can send audio data from one app to another one to process. TBH it’s not extactly stdio, but works similar in a way…

daniel.m.tripp · March 9, 2023, 1:06pm

I’m not saying it can’t be done - I’m just saying it’s nothing like piling different shaped lego bricks to do different stuff… the shell, we don’t bother with such abstractions (building block metaphors)…

I agree - and JACK is pretty cool…

nevj · March 9, 2023, 11:08pm

Stuff like ‘Send to’ in file managers. But launchers dont have it.

There was a GUI app I saw once where you graphically connected together all the programs you wanted to pipe together. It looked like a flowsheet. You then fired the whole thing off like it was one process. Cant remember its name?

daniel.m.tripp · March 10, 2023, 1:16am

I’ve seen graphical representations of stuff… i.e. you design a pipeline graphically, but it’s just that - a representational model…

I used to work in IT in the Health Industry - and it has a few standards, e.g. tranfer of medical / patient information should conform to the “HL7” standard.

And we had stuff like ancient legacy Oracle DB and “Forms” applications (on ancient SunOS 4) in Radiology and Blood Bank - that needed to talk to the PMI (Patient Master Index) which went from mainframe CICS to some sorta thing called TOPAS running on DG-UX UNIX (and maybe newer Oracle DB backend)…

We had a product called HIE / HCI Cloverleaf specifically designed to be an interface engine for the Health Industry - we ran it on Digital Unix (AKA OSF and Tru64 - on Alpha). It’s the ONLY IT product I’ve ever been certified in (passed the exam too!) - that was 1997… Never really touched it again after around 2001… anyway - you could write connections in tickle (TCL/TK) or design them graphically…

I guess in someways running X applications remotely fits that model of GUI apps talking to one another? Even when doing it over SSH (it worked WAY better with telnet and rsh but! I miss rsh).

pdecker · March 10, 2023, 2:16am

The bad old days of CICS! Used mostly in school, but a bit on the job too.

In my current job I use Microsoft System Center Orchestrator. We call it SCOrch. Microsoft bought the product from a company when it was called Opalis.

It uses a GUI with a flowchart like sequence of objects linked together. Branches are based on success, failure, and return codes. The objects themselves are provided by different providers as “integrations”. We can run batch files, VBS, or PowerShell on remote Windows servers (via rdp), scripts on remote Linux servers (via ssh), send emails, SQL queries, and tons of other stuff. It’s pretty cool, but also a pain in the butt to maintain.

daniel.m.tripp · March 10, 2023, 2:45am

NOOOOO!

I just got flashbacks to CA Unicenter! No!!! I used to be on-call for an overnight batch system - glued together with bits and pieces in Unicenter - DOS batch files, UNIX (Solaris) Shell scripts, SQL scripts (Oracle PL/SQL) - for a system that “inherited” a bunch of legacy stuff from when it ran in CICS on an IBM mainframe… IT was HIDEOUS! It wasn’t health industry, it was energy / utility sector…

And that sound of a Nokia SMS alert at 2:30 am! Nooo! I’m sure that sent my beard greyer prematurely! I certainly got PTSD from it too! One night I got three alerts in a row, thought I’d fixed it by midnight… Went to bed and forgot to put my phone on charge, and it died (phone battery) and the “sloppy smelly brown stuff hit the air spinning device” the next morning! (my earlier fixes didn’t fix it - but I slept in blissful ignorance).

Yuck… It was horrible…

I just remembered / realised, that was about 20 years ago, we used to drive Unicenter via VNC running on a Windows NT 4 “workstation” via dial up. That NT 4 workstation was on the same floor, of the same office buidling I currently work in! Different tenant, all the decor and partitions and desk arrangements are vastly different, but it was the same floor and the same building…