Tauri 2.0 Process Management Running External Commands
Process management in Tauri 2.0 enables desktop applications to execute external commands and system tools integrating with OS utilities, command-line tools, scripts, and third-party applications extending functionality beyond application boundaries—essential feature for development tools, automation software, build systems, and applications requiring system integration maintaining powerful capabilities through subprocess execution. Process API combines Command builder creating subprocess configurations with stdio handling capturing output and errors, async execution enabling non-blocking operations, process killing terminating running tasks, and security controls validating commands preventing arbitrary execution delivering safe process management system. This comprehensive guide covers understanding process architecture and security model, executing simple commands with output capture, handling stdin/stdout/stderr streams, managing background processes with status monitoring, killing processes gracefully or forcefully, implementing command validation preventing injection attacks, streaming output for real-time feedback, building command builders with argument validation, and creating real-world examples including code compiler with build output, Git client with command execution, and system monitor with process listing maintaining safe system integration through controlled subprocess execution. Mastering process patterns enables building professional desktop applications extending functionality through external tools maintaining security through proper validation and controlled execution. Before proceeding, understand commands and event handling.
Basic Command Execution
Basic command execution uses Tauri Command API running system commands with output capture. Understanding process creation enables building applications executing external tools maintaining proper error handling and output collection.
// Rust: Execute external commands
use tauri::api::process::{Command, CommandEvent};
#[tauri::command]
async fn execute_command(
command: String,
args: Vec<String>,
) -> Result<String, String> {
// Create command
let output = Command::new(command)
.args(args)
.output()
.map_err(|e| format!("Failed to execute: {}", e))?;
if output.status.success() {
let stdout = String::from_utf8_lossy(&output.stdout).to_string();
Ok(stdout)
} else {
let stderr = String::from_utf8_lossy(&output.stderr).to_string();
Err(stderr)
}
}
#[tauri::command]
async fn execute_git_status() -> Result<String, String> {
let output = Command::new("git")
.args(["status", "--short"])
.output()
.map_err(|e| format!("Git command failed: {}", e))?;
if output.status.success() {
Ok(String::from_utf8_lossy(&output.stdout).to_string())
} else {
Err(String::from_utf8_lossy(&output.stderr).to_string())
}
}
#[tauri::command]
async fn list_directory(path: String) -> Result<Vec<String>, String> {
let output = if cfg!(target_os = "windows") {
Command::new("cmd")
.args(["/C", "dir", &path])
.output()
} else {
Command::new("ls")
.args(["-la", &path])
.output()
}
.map_err(|e| e.to_string())?;
if output.status.success() {
let stdout = String::from_utf8_lossy(&output.stdout);
let lines: Vec<String> = stdout.lines().map(|s| s.to_string()).collect();
Ok(lines)
} else {
Err(String::from_utf8_lossy(&output.stderr).to_string())
}
}
// Frontend: Execute commands
import { invoke } from '@tauri-apps/api/core';
async function runCommand(command: string, args: string[]) {
try {
const output = await invoke('execute_command', { command, args });
console.log('Output:', output);
return output;
} catch (error) {
console.error('Command failed:', error);
throw error;
}
}
// Examples
await runCommand('echo', ['Hello, World!']);
await runCommand('node', ['--version']);
await runCommand('python', ['--version']);
// Git status
const status = await invoke('execute_git_status');
console.log('Git status:', status);
// List directory
const files = await invoke('list_directory', { path: '/home/user' });
console.log('Files:', files);Streaming Command Output
Streaming output provides real-time feedback from long-running commands. Understanding async streams enables building responsive applications showing progress without waiting for command completion maintaining interactive user experience.
// Rust: Stream command output
use tauri::{AppHandle, Manager};
use tauri::api::process::{Command, CommandEvent};
#[tauri::command]
async fn run_command_streaming(
app: AppHandle,
command: String,
args: Vec<String>,
) -> Result<(), String> {
let (mut rx, _child) = Command::new(command)
.args(args)
.spawn()
.map_err(|e| e.to_string())?;
tauri::async_runtime::spawn(async move {
while let Some(event) = rx.recv().await {
match event {
CommandEvent::Stdout(line) => {
app.emit_all("command-stdout", &line).ok();
}
CommandEvent::Stderr(line) => {
app.emit_all("command-stderr", &line).ok();
}
CommandEvent::Terminated(payload) => {
app.emit_all("command-terminated", &payload).ok();
break;
}
CommandEvent::Error(error) => {
app.emit_all("command-error", &error).ok();
break;
}
_ => {}
}
}
});
Ok(())
}
// Frontend: Listen to streaming output
import { invoke } from '@tauri-apps/api/core';
import { listen } from '@tauri-apps/api/event';
import { useEffect, useState } from 'react';
function CommandRunner() {
const [output, setOutput] = useState<string[]>([]);
const [running, setRunning] = useState(false);
useEffect(() => {
const unlistenStdout = listen('command-stdout', (event) => {
setOutput((prev) => [...prev, event.payload as string]);
});
const unlistenStderr = listen('command-stderr', (event) => {
setOutput((prev) => [
...prev,
`[ERROR] ${event.payload as string}`,
]);
});
const unlistenTerminated = listen('command-terminated', () => {
setRunning(false);
setOutput((prev) => [...prev, '\n[Process terminated]']);
});
return () => {
unlistenStdout.then((fn) => fn());
unlistenStderr.then((fn) => fn());
unlistenTerminated.then((fn) => fn());
};
}, []);
const runCommand = async () => {
setOutput([]);
setRunning(true);
try {
await invoke('run_command_streaming', {
command: 'npm',
args: ['install'],
});
} catch (error) {
console.error('Failed to start command:', error);
setRunning(false);
}
};
return (
<div>
<button onClick={runCommand} disabled={running}>
{running ? 'Running...' : 'Run npm install'}
</button>
<pre className="output">
{output.map((line, i) => (
<div key={i}>{line}</div>
))}
</pre>
</div>
);
}Command Security and Validation
Command execution requires strict security validation preventing command injection attacks. Understanding security patterns enables building safe applications accepting user input without compromising system security through proper validation and whitelisting.
// Secure command execution with validation
use std::collections::HashSet;
use once_cell::sync::Lazy;
// Whitelist of allowed commands
static ALLOWED_COMMANDS: Lazy<HashSet<&str>> = Lazy::new(|| {
let mut set = HashSet::new();
set.insert("git");
set.insert("node");
set.insert("npm");
set.insert("python");
set.insert("cargo");
set
});
#[tauri::command]
async fn execute_safe_command(
command: String,
args: Vec<String>,
) -> Result<String, String> {
// Validate command is in whitelist
if !ALLOWED_COMMANDS.contains(command.as_str()) {
return Err(format!("Command '{}' is not allowed", command));
}
// Validate arguments don't contain shell metacharacters
for arg in &args {
if contains_shell_metacharacters(arg) {
return Err(format!("Invalid argument: {}", arg));
}
}
// Execute command
let output = Command::new(command)
.args(args)
.output()
.map_err(|e| e.to_string())?;
if output.status.success() {
Ok(String::from_utf8_lossy(&output.stdout).to_string())
} else {
Err(String::from_utf8_lossy(&output.stderr).to_string())
}
}
fn contains_shell_metacharacters(s: &str) -> bool {
const DANGEROUS_CHARS: &[char] = &['&', '|', ';', '$', '`', '\n', '(', ')', '<', '>'];
s.chars().any(|c| DANGEROUS_CHARS.contains(&c))
}
// Specific command handlers with validation
#[tauri::command]
async fn git_clone(
url: String,
directory: String,
) -> Result<String, String> {
// Validate URL format
if !url.starts_with("https://") && !url.starts_with("git@") {
return Err("Invalid git URL".to_string());
}
// Validate directory path
if directory.contains("..") {
return Err("Invalid directory path".to_string());
}
let output = Command::new("git")
.args(["clone", &url, &directory])
.output()
.map_err(|e| e.to_string())?;
if output.status.success() {
Ok("Clone successful".to_string())
} else {
Err(String::from_utf8_lossy(&output.stderr).to_string())
}
}
#[tauri::command]
async fn npm_install(
package: Option<String>,
) -> Result<String, String> {
let mut cmd = Command::new("npm");
cmd.arg("install");
if let Some(pkg) = package {
// Validate package name format
if !is_valid_npm_package(&pkg) {
return Err("Invalid package name".to_string());
}
cmd.arg(pkg);
}
let output = cmd.output().map_err(|e| e.to_string())?;
if output.status.success() {
Ok(String::from_utf8_lossy(&output.stdout).to_string())
} else {
Err(String::from_utf8_lossy(&output.stderr).to_string())
}
}
fn is_valid_npm_package(name: &str) -> bool {
// Basic validation for npm package names
name.chars().all(|c| c.is_alphanumeric() || c == '-' || c == '_' || c == '/' || c == '@')
&& !name.contains("..")
}Process Management Best Practices
- Whitelist Commands: Only allow explicitly permitted executables
- Validate Arguments: Check all arguments for shell metacharacters
- Handle Errors: Catch and report all execution failures gracefully
- Stream Output: Provide real-time feedback for long operations
- Timeout Protection: Implement timeouts preventing hung processes
- Resource Cleanup: Always terminate spawned processes properly
- User Feedback: Show clear progress and status indicators
- Path Validation: Verify file paths before passing to commands
- Platform Differences: Handle Windows vs Unix command variations
- Privilege Checking: Verify required permissions before execution
Next Steps
- Shell API: Opening files with Shell API
- Commands: Backend integration with Rust commands
- Events: Progress updates with event system
- Getting Started: Review fundamentals with first app
- Complete Guide: Master Tauri with full tutorial
Conclusion
Mastering process management in Tauri 2.0 enables building professional desktop applications extending functionality through external tools and system utilities maintaining powerful capabilities while preserving security through controlled subprocess execution delivering safe system integration users trust. Process API combines Command builder creating subprocess configurations with stdio handling capturing output and errors, async execution enabling non-blocking operations maintaining responsive UI, process lifecycle management with proper termination, and security controls validating commands preventing injection attacks delivering comprehensive process management system. Understanding process patterns including basic execution with output capture, streaming output for real-time feedback, security validation with whitelisting and argument checking, background process management, and best practices maintaining safety and responsiveness establishes foundation for building professional desktop applications delivering powerful system integration maintaining security through proper validation and controlled execution protecting users from malicious command injection. Your Tauri applications now possess powerful process management capabilities enabling features like build tool integration, version control operations, system utility access, command-line tool execution, and external application launching delivering professional desktop experiences extending functionality beyond application boundaries while maintaining security through strict validation and controlled subprocess execution users depend on!
$ share --platform
$ cat /comments/ (0)
$ cat /comments/
// No comments found. Be the first!
