Probably. Though there is some doubt as to whether that is an issue in Buster or not. But since it is an issue in older raspbians the tutorial could use an update. Apparently on Buster, both reboot and shutdow -r actually alias to systemctl reboot so all three are the same.
You still need to be root to do some operations using systemctl.
The commands are there in Buster. They are just mapped to systemcl. But even so, I don’t think there would be a problem with sudoers if you give permission on a command that doesn’t exist.
I can’t help you with your specific question, but I’m curious as to what you’re trying to accomplish. It sounds like you’re trying to create a rule to run OH backups. If so, you should look at the Amanda backup tool.
Truth be told, I haven’t actually installed Amanda. For my purposes, it’s been fine to take an image of my SD card before I make major changes, and simply keep copies of my configuration files (items, rules, etc.) on Google Drive.
I keep images of my SD card aswell, but when trying new stuff i backup just for easy restore. After that i can try again.
But sometime i forget to backup when turing off my computer. With this rule i could make a quick backup and copy it later on.
@rpwong, thanks for your straigthforward guide.
I’m on the latest openHabian with Raspbian Buster and having trouble getting this to work.
Using the following command to create/change my sudoers file: sudo visudo -f /etc/sudoers.d/openhab_userrights
Which in turn looks like this:
#Allow openhab user to execute systemctl command
openhab ALL=(ALL) NOPASSWD: /sbin/systemctl
When I try to test reboot from the SSH console it is asking me for a password, which according to my understanding should not be happening as NOPASSWD is set in the sudoers file.
[14:18:27] openhabian@openhab:~$ sudo -u openhab /bin/bash
[14:21:36] openhab@openhab:/home/openhabian$ systemctl reboot
User openhabian is logged in on sshd.
Please retry operation after closing inhibitors and logging out other users.
Alternatively, ignore inhibitors and users with 'systemctl reboot -i'.
[14:21:45] openhab@openhab:/home/openhabian$ systemctl reboot -i
==== AUTHENTICATING FOR org.freedesktop.login1.set-wall-message ===
Authentication is required to set a wall message
Authenticating as: root
Password:
[14:22:50] openhab@openhab:/home/openhabian$ sudo systemctl reboot
.
.
.
[sudo] password for openhab:
Sorry, try again.
[sudo] password for openhab:
sudo: 1 incorrect password attempt
[14:23:21] openhab@openhab:/home/openhabian$
The default password for the openhab user (habopen) seems incorrect, but I am weary of changing it to avoid breaking other things.
When triggered over the sitemap the rule is running, but nothing is happening. My assumption is that this is due to authentication issues.
The openhab user in the operating system doesn’t have a password. This is by design and is a Linux best practice. The password you are thinking of is for the Karaf Console user which has nothing to do with the operating system.
Beyond that, all I can offer is that it seems the sudoers file you created is not being loaded and applied for some reason. The NOPASSWD means it should not all for a password for that command.
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for openhab:
then escape and retry (now only the question for password should emerge). escape again.
now tryout systemctl reboot
Hi @rpwong , sorry for the late reply and thanks for the interest. I basically gave up and started working on other topics in the meanwhile. When I pick it up again I’ll reactivate the thread.
Restarting Openhab via a rule works fine for me, based on the info in this thread.
Is there a way to also issue caraf commands in a similar way? I like to be able to restart a binding using a rule and a switch item via the Openhab app.
I went down a similar path as yourself figuring out how to get a reboot+shutdown to work, though I used buttons on the sitemap (in a sub frame of the site map). I used the visibility option on the sitemap to make a Yes/No dialogue appear/disappear (as necessary) to confirm the action for reboot or shutdown.
//****************************
//** Restart OpenHab Server **
//****************************
rule "Restart OpenHab Server"
when
Item Restart_confirm received command
then
switch (receivedCommand) {
case ON : { logInfo("Restart", *** Restart Server - Sent from UI ***", "\n") Restart_Shutdown.postUpdate(3) Restart_confirm.postUpdate(OFF) executeCommandLine("sudo@@reboot", 10000) }
case OFF : { Restart_Shutdown.postUpdate("3") }
}
end
//*****************************
//** Shutdown OpenHab Server **
//*****************************
rule "Shutdown OpenHab Server"
when
Item Shutdown_confirm received command
then
switch (receivedCommand) {
case ON : { logInfo("Shutdown", *** Shutdown Server - Sent from UI ***", "\n") Restart_Shutdown.postUpdate(3) Shutdown_confirm.postUpdate(OFF) executeCommandLine("sudo@@shutdown", 10000) }
case OFF : { Restart_Shutdown.postUpdate("3") }
}
end
Thought it worth throwing this into this post.
A small code change is needed for OH3. Please click thisLINKfor details
I followed all the instructions on the guide, with the only exception that I’m using HABPanel:
Made openhab a super user
Created the permissions file with visudo
Tested the permissions and they worked
Created the Item
String Flag_System "System" <switch>
Created a selector with the exact same options
Set up the rules
rule "Reboot openHAB"
when
Item Flag_System received command "Reboot"
then
logInfo("Flag_System", "Manually rebooting openHAB")
executeCommandLine("sudo@@reboot", 5000)
end
However, when I change from Active to Reboot or Shutdown on HABPanel, nothing happens. I set the Karaf Console to trace the rule runtime with:
I realized that the shutdown/reboot rules are not being triggered when I give the instruction on HABPanel, but other rules are being normally triggered.
My system is Raspbian 9 on a Raspberry Pi 3 with OpenHAB 2.5.2-1
Please don’t let user openhab become super user.
Instead use sudo and allow only the commands you need to be used without a password.
I don’t know if this is correct for your version, but in question of exec there is a white list file to permit commands to be executed by exec binding. This option is brand new.
Move to openHABian, debug your system if you still have issues that you cannot resolve without restarting OH, then keep your system running 24/7 and forget about that reboot switch. It’s unnecessary and potentially harmful.
I totally agree and also don’t like giving super powers to low-level users. However, when you implement the system for non-technical users, you cannot tell them “log in to the server via SSH and restart it”. You need to provide a user-friendly option, otherwise they will simply go and pull the plug.
OpenHAB should provide such a friendly (and secure) option by default instead of making us look for workarounds.
I personally believe that systems (even highly available ones) should be rebooted periodically for performance reasons, but that’s not part of this discussion and you’re right about pointing out that (doing it this way) is potentially harmful.