Exec.whitelist cannot be read


I currently am trying to migrate my openhab installation to an other machine.
“Ubuntu Linux 20.04.5” (desktop) / openHAB 3.2.0-> “Ubuntu Linux 22.04.2” (server) / openHAB 3.4.4

One of the last steps is getting two python scripts running on the new machine.
I use the exec binding for that but I always get the following message:
[WARN ] [c.internal.ExecWhitelistWatchService] - Cannot read whitelist file, exec binding commands won't be processed: /etc/openhab/misc/exec.whitelist
I’ve tried the following (with deleting the original file, then uninstalling and reinstalling the binding, to make sure I always used the openhab-provided template. before each step):

  • I copied it directly from the old machine
  • I’ve edited contents of it in VSCode (accessing it via samba share)
  • I’ve edited the contents in a copy of it and the copied the copy to /etc/openhab/misc/ using sudo cp
  • reinstall openhab (sudo apt purge openhab)

So far I have not had any success in elimating the error.

I think the access rights are correct - judging following screenshot:

Here is it’s content:

# For security reasons all commands that are used by the exec binding or transformation need to be whitelisted.
# Every command needs to be listed on a separate line below.
/etc/openhab_related/audiocds/getSubdirectories.py %2$s

I usually am someone who likes figuring stuff out by myself. But I am quite desperate, which is why I am asking you guys to point me into right direction.

Many thanks in advance!

What about the directories with level above exec.whitelist ? Do they allow openhab to look into the directory ?
What is the output of

ls -ld /etc/openhab/misc/exec.whitelist /etc /etc/openhab /etc/openhab/misc

thank you for your fast response.
here is the output of

ls -ld /etc/openhab/misc/exec.whitelist /etc /etc/openhab /etc/openhab/misc
drwxr-xr-x 123 root    root    12288 Jun  6 06:09 /etc
drwxr-xr-x  15 openhab openhab  4096 Jun  4 19:51 /etc/openhab
drwxrwxrwx   2 openhab openhab  4096 Jun 10 12:03 /etc/openhab/misc
-rwxr--r--   1 openhab openhab   303 Jun 10 12:03 /etc/openhab/misc/exec.whitelist

I forgot to mention that so far could observe this message only for the exec.whitelist.
I did not dig too deep - but everything else in /etc/openhab/ seemed to work fine (rules, items, things, persistence).

i just remembered that I forgot to mention that I also tried restoring a recent backup of the old machine on the new machine. I cannot recall the outcome - so i just did that again.
And no success - after starting the opernhab.service the scripts are not executed and changing the exec.whitelist causes the same error.

This topic can be closed.
Since I could not find a solution to this issue - I looked for alternatives to the exec binding.
I am now using the executeCommandLine() in my rules. And so far I did not have any issues :slight_smile:

In the hopes that it might help someone with the same or similar issue I post my solution:

The old way:
For each python script I had a separate exec thing defined:

Thing exec:command:zz_getWifiTickets "zz_getWifiTickets" [ command="/etc/path/to/python/script1.py"]
Thing exec:command:zz_getDirContents "zz_getDirContents" [ command="/etc/path/to/python/script2.py %2$s"]

For each script I had one item - two if the script requires arguments:

Switch    getWifiTickets            "getWifiTickets"           (gPersist_LastState)    {channel="exec:command:zz_getWifiTickets:run"}
Switch    zz_getDirContents         "getDirContents"           (gPersist_LastState)    {channel="exec:command:zz_getDirContents:run"}
String    zz_getDirContents_args    "getDirContents_args"      (gPersist_LastState)    {channel="exec:command:zz_getDirContents:input"}

In my rules I concatenated the script arguments and sendCommand() them to the args item and then trigger the script:

zz_getDirContents_args.sendCommand("'audiocds/" + cdGroup + "' 'dir' '" + room + "_PlayAudioCD_CD_options'")

The new way:
Now I do not have any things or items to run the script. Instead the script paths are defined in the rules file and I simply executeCommandLine() and pass the arguments:

val String pythonPath = "/usr/bin/python3"
val String scriptPath = "/etc/path/to/python/script1.py"
executeCommandLine(pythonPath, scriptPath)
val String pythonPath = "/usr/bin/python3"
val String scriptPath = "/etc/path/to/python/script2.py"
val String searchDirectory = "audiocds/" + cdGroup
val String searchType = "dir"
val String responseItem =  room + "_PlayAudioCD_CD_options"
executeCommandLine(pythonPath, scriptPath, searchDirectory, searchType, responseItem)