The setting “NOPASSWD” in sudoers is to enable the user openhab to use the command “sudo” without password for a specific command, but you always have to call sudo.
05:21:14.425 [INFO ] [.smarthome.model.script.Server Backup] - Backup Executed Sorry, user openhab is not allowed to execute '/usr/bin/sudo /etc/openhab2/scripts/backup.sh' as openhab on openhab2.ddns.net.
05:32:59.112 [INFO ] [.smarthome.model.script.Server Backup] - Backup Executed Sorry, user openhab is not allowed to execute '/usr/bin/sudo /etc/openhab2/scripts/backup.sh' as openhab on openhab2.ddns.net.
rule "Backup OH2 ready for RClone, in the proceeding rule"
when
Time cron "0 0 1 ? * * *"
then
logInfo("Server Backup", "OH2 is being backed up")
executeCommandLine("sudo openhab-cli backup /home/kris/OH2Backup.zip")
end
But I don’t know how “dangerous” this could be in fact of an internet attac or something else. I don’t understand how I can give the user “openhab” permission to only run these commands. Can you please help me?
I hesitate to open a new topic but it’s exactly the same topic and i have almost tried everything in this thread
the openhab service getting restarted without reason
2019-10-30 12:46:33.818 [vent.ItemStateChangedEvent] - PR1_SensorLuminance_LastUpdate changed from 2019-10-30T11:40:31.000+0200 to 2019-10-30T12:46:33.755+0200
==> /var/log/openhab2/openhab.log <==
at org.apache.felix.scr.impl.Activator.loadComponents(Activator.java:382) ~[?:?]
at org.apache.felix.scr.impl.Activator.access$200(Activator.java:49) ~[?:?]
at org.apache.felix.scr.impl.Activator$ScrExtension.start(Activator.java:264) ~[?:?]
at org.apache.felix.scr.impl.AbstractExtender.createExtension(AbstractExtender.java:196) ~[?:?]
at org.apache.felix.scr.impl.AbstractExtender.modifiedBundle(AbstractExtender.java:169) ~[?:?]
at org.apache.felix.scr.impl.AbstractExtender.modifiedBundle(AbstractExtender.java:49) ~[?:?]
at org.osgi.util.tracker.BundleTracker$Tracked.customizerModified(BundleTracker.java:482) ~[?:?]
at org.osgi.util.tracker.BundleTracker$Tracked.customizerModified(BundleTracker.java:415) ~[?:?]
at org.osgi.util.tracker.AbstractTracked.track(AbstractTracked.java:232) ~[?:?]
at org.osgi.util.tracker.BundleTracker$Tracked.bundleChanged(BundleTracker.java:444) ~[?:?]
at org.eclipse.osgi.internal.framework.BundleContextImpl.dispatchEvent(BundleContextImpl.java:908) ~[?:?]
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) ~[?:?]
at org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) ~[?:?]
at org.eclipse.osgi.internal.framework.EquinoxEventPublisher.publishBundleEventPrivileged(EquinoxEventPublisher.java:213) ~[?:?]
at org.eclipse.osgi.internal.framework.EquinoxEventPublisher.publishBundleEvent(EquinoxEventPublisher.java:120) ~[?:?]
at org.eclipse.osgi.internal.framework.EquinoxEventPublisher.publishBundleEvent(EquinoxEventPublisher.java:112) ~[?:?]
at org.eclipse.osgi.internal.framework.EquinoxContainerAdaptor.publishModuleEvent(EquinoxContainerAdaptor.java:168) ~[?:?]
at org.eclipse.osgi.container.Module.publishEvent(Module.java:476) ~[?:?]
at org.eclipse.osgi.container.Module.start(Module.java:467) ~[?:?]
at org.eclipse.osgi.internal.framework.EquinoxBundle.start(EquinoxBundle.java:383) ~[?:?]
at org.eclipse.osgi.internal.framework.EquinoxBundle.start(EquinoxBundle.java:402) ~[?:?]
at org.apache.karaf.features.internal.service.BundleInstallSupportImpl.startBundle(BundleInstallSupportImpl.java:165) ~[?:?]
at org.apache.karaf.features.internal.service.FeaturesServiceImpl.startBundle(FeaturesServiceImpl.java:1153) ~[?:?]
at org.apache.karaf.features.internal.service.Deployer.deploy(Deployer.java:1036) ~[?:?]
at org.apache.karaf.features.internal.service.FeaturesServiceImpl.doProvision(FeaturesServiceImpl.java:1062) ~[?:?]
at org.apache.karaf.features.internal.service.FeaturesServiceImpl.lambda$doProvisionInThread$13(FeaturesServiceImpl.java:998) ~[?:?]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:?]
at java.lang.Thread.run(Thread.java:748) [?:?]
Caused by: java.util.concurrent.TimeoutException: Total timeout 5000 ms elapsed
at org.eclipse.jetty.client.HttpDestination$TimeoutTask.onTimeoutExpired(HttpDestination.java:527) ~[?:?]
at org.eclipse.jetty.io.CyclicTimeout$Wakeup.run(CyclicTimeout.java:282) ~[?:?]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) ~[?:?]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:?]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) ~[?:?]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) ~[?:?]
... 3 more
2019-10-30 12:38:13.728 [INFO ] [.googletts.internal.GoogleTTSService] - Using cache folder /var/lib/openhab2/cache/org.openhab.voice.googletts
2019-10-30 12:38:15.093 [WARN ] [.googletts.internal.GoogleTTSService] - Audio format OGG_OPUS is not yet supported.
i constated that when checking the openhab service status this error
[14:26:36] openhab@openhabian:~/config/org/openhab$ sudo systemctl status openhab2
● openhab2.service - openHAB 2 - empowering the smart home
Loaded: loaded (/usr/lib/systemd/system/openhab2.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2019-10-30 13:19:01 IST; 1h 15min ago
Docs: https://www.openhab.org/docs/
https://community.openhab.org
Main PID: 25800 (java)
CGroup: /system.slice/openhab2.service
├─21072 arping -w 5 -c 1 -I wlan0 209.58.128.135
└─25800 /usr/bin/java -Dopenhab.home=/usr/share/openhab2 -Dopenhab.conf=/etc/openhab2 -Dopenhab.runtime=/usr/share/openhab2/runtime -Dopenhab.userdata=/var/lib/openhab2 -Dopenha
oct. 30 14:31:34 openhabian sudo[20140]: pam_unix(sudo:session): session closed for user root
oct. 30 14:31:44 openhabian sudo[20240]: openhab : TTY=unknown ; PWD=/var/lib/openhab2 ; USER=root ; COMMAND=/usr/bin/python /etc/openhab2/scripts/Switcher-V2-Python/switcher.py 2
oct. 30 14:31:44 openhabian sudo[20240]: pam_unix(sudo:session): session opened for user root by (uid=0)
oct. 30 14:31:48 openhabian sudo[20240]: pam_unix(sudo:session): session closed for user root
oct. 30 14:32:48 openhabian sudo[20595]: openhab : TTY=unknown ; PWD=/var/lib/openhab2 ; USER=root ; COMMAND=/usr/bin/python /etc/openhab2/scripts/Switcher-V2-Python/switcher.py 2
oct. 30 14:32:48 openhabian sudo[20595]: pam_unix(sudo:session): session opened for user root by (uid=0)
oct. 30 14:32:52 openhabian sudo[20595]: pam_unix(sudo:session): session closed for user root
oct. 30 14:33:52 openhabian sudo[20909]: openhab : TTY=unknown ; PWD=/var/lib/openhab2 ; USER=root ; COMMAND=/usr/bin/python /etc/openhab2/scripts/Switcher-V2-Python/switcher.py 2
oct. 30 14:33:52 openhabian sudo[20909]: pam_unix(sudo:session): session opened for user root by (uid=0)
oct. 30 14:33:56 openhabian sudo[20909]: pam_unix(sudo:session): session closed for user root
see below sudo visudo
This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
dataplicity ALL=(ALL) NOPASSWD: /sbin/reboot
#openhab ALL=NOPASSWD: /etc/openhab2/scripts/*
i have created a file
sudo visudo -f /etc/sudoers.d/nopasswordneeded
with only this row but i am still getiing this issue
openhab ALL=(ALL) NOPASSWD: ALL
i know that i should limit the scope of the openhab user as below but it do not work
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_gil_work.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_gil_home.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_karen_work.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_karen_home.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_netanyatoraanana.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_raananatonetanya.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/Switcher-V2-Python/switcher.py
I know this is old topic but it is very related to what I am trying to do.
I am trying to restart service that is running on the same rPi 4 as the openhabian but I can’t doesn’t work.
I created file in the etc/sudoers.d containing the following:
openhab ALL=(ALL) NOPASSWD: /bin/systemctl start ring
openhab ALL=(ALL) NOPASSWD: /bin/systemctl restart ring
openhab ALL=(ALL) NOPASSWD: /bin/systemctl status ring
I did try to execute the commands as openHab user via the ssh connection and it works fine:
Login as openhab as described above
I do not get any prompts for password when I execute the commands defined in the openhab sudoers file via ssh connection. The commands execute correctly:
[01:07:07] openhab@openHABianDevice:/etc/sudoers.d$ sudo systemctl restart ring
[01:20:33] openhab@openHABianDevice:/etc/sudoers.d$ sudo /usr/bin/systemctl status ring
● ring.service - Ring Service
Loaded: loaded (/lib/systemd/system/ring.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2021-01-28 01:20:33 CET; 3s ago
Main PID: 17152 (python3)
Tasks: 1 (limit: 4915)
CGroup: /system.slice/ring.service
└─17152 /usr/bin/python3 /opt/ring/ring.py
I configured the exec binding as follows (I tried different variations of the commands with or without the path /bin/ or /usr/bin/ before sudo and systemctl). All the commands were whitelisted:
rule "ring:Service restart"
when
Item itmRingHeartbeatON received update OFF or
Time cron "0 0/5 * 1/1 * ? *" // Test every 5 minutes
then
//if (itmRingHeartbeatON.state != ON) {
Ring_Remote_Send.sendCommand(ON)
logInfo("FILE","ring:Service restart| Restart ring service")
Thread::sleep(3000)
logInfo("FILE","ring:Service restart| Result :" + Ring_Remote_Send_Out.state)
Ring_STSRemote_Send.sendCommand(ON)
Thread::sleep(3000)
logInfo("FILE","ring:Service restart| Result :" + Ring_STSRemote_Send_Out.state)
// }
end
rule "ring:Service restart2"
when
Item TestSwitch received update ON
then
val results = executeCommandLine("/bin/sudo /bin/systemctl restart ring")
logInfo("Test", results)
end
When I execute the first rule nothing happens (I don’t see any errors in the log, but also the service is not restarted)
2021-01-28 01:05:00.289 [INFO ] [openhab.event.ItemCommandEvent ] - Item 'Ring_Remote_Send' received command ON
2021-01-28 01:05:00.291 [INFO ] [penhab.event.ItemStatePredictedEvent] - Item 'Ring_Remote_Send' predicted to become ON
2021-01-28 01:05:03.307 [INFO ] [openhab.event.ItemCommandEvent ] - Item 'Ring_STSRemote_Send' received command ON
2021-01-28 01:05:03.310 [INFO ] [penhab.event.ItemStatePredictedEvent] - Item 'Ring_STSRemote_Send' predicted to become NULL
when I execute the 2nd which is there only for testing, I get exception:
2021-01-28 01:18:04.957 [WARN ] [rg.openhab.core.io.net.exec.ExecUtil] - Error occurred when executing commandLine '[/bin/sudo /bin/systemctl restart ring]'
java.io.IOException: Cannot run program "/bin/sudo /bin/systemctl restart ring": error=2, No such file or directory
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1128) ~[?:?]
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1071) ~[?:?]
at org.openhab.core.io.net.exec.ExecUtil.executeCommandLine(ExecUtil.java:59) [bundleFile:?]
at org.openhab.core.model.script.actions.Exec.executeCommandLine(Exec.java:40) [bundleFile:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.invokeOperation(XbaseInterpreter.java:1176) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.invokeOperation(XbaseInterpreter.java:1151) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._invokeFeature(XbaseInterpreter.java:1137) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.invokeFeature(XbaseInterpreter.java:1082) [bundleFile:?]
at org.openhab.core.model.script.interpreter.ScriptInterpreter.invokeFeature(ScriptInterpreter.java:151) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._doEvaluate(XbaseInterpreter.java:992) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._doEvaluate(XbaseInterpreter.java:955) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.doEvaluate(XbaseInterpreter.java:236) [bundleFile:?]
at org.openhab.core.model.script.interpreter.ScriptInterpreter.doEvaluate(ScriptInterpreter.java:226) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.internalEvaluate(XbaseInterpreter.java:216) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._doEvaluate(XbaseInterpreter.java:917) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.doEvaluate(XbaseInterpreter.java:276) [bundleFile:?]
at org.openhab.core.model.script.interpreter.ScriptInterpreter.doEvaluate(ScriptInterpreter.java:226) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.internalEvaluate(XbaseInterpreter.java:216) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._doEvaluate(XbaseInterpreter.java:459) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.doEvaluate(XbaseInterpreter.java:240) [bundleFile:?]
at org.openhab.core.model.script.interpreter.ScriptInterpreter.doEvaluate(ScriptInterpreter.java:226) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.internalEvaluate(XbaseInterpreter.java:216) [bundleFile:?]
at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.evaluate(XbaseInterpreter.java:202) [bundleFile:?]
at org.openhab.core.model.script.runtime.internal.engine.ScriptImpl.execute(ScriptImpl.java:80) [bundleFile:?]
at org.openhab.core.model.script.runtime.internal.engine.DSLScriptEngine.eval(DSLScriptEngine.java:125) [bundleFile:?]
at org.openhab.core.automation.module.script.internal.handler.ScriptActionHandler.lambda$0(ScriptActionHandler.java:62) [bundleFile:?]
at java.util.Optional.ifPresent(Optional.java:183) [?:?]
at org.openhab.core.automation.module.script.internal.handler.ScriptActionHandler.execute(ScriptActionHandler.java:59) [bundleFile:?]
at org.openhab.core.automation.internal.RuleEngineImpl.executeActions(RuleEngineImpl.java:1179) [bundleFile:?]
at org.openhab.core.automation.internal.RuleEngineImpl.runNow(RuleEngineImpl.java:1031) [bundleFile:?]
at org.openhab.core.automation.internal.RuleEngineImpl.runNow(RuleEngineImpl.java:1047) [bundleFile:?]
at org.openhab.core.automation.rest.internal.RuleResource.runNow(RuleResource.java:314) [bundleFile:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179) [bundleFile:1.0.9]
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) [bundleFile:1.0.9]
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:201) [bundleFile:1.0.9]
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:104) [bundleFile:1.0.9]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59) [bundleFile:1.0.9]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96) [bundleFile:1.0.9]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) [bundleFile:1.0.9]
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [bundleFile:1.0.9]
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267) [bundleFile:1.0.9]
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234) [bundleFile:1.0.9]
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208) [bundleFile:1.0.9]
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160) [bundleFile:1.0.9]
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216) [bundleFile:1.0.9]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301) [bundleFile:1.0.9]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:220) [bundleFile:1.0.9]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [bundleFile:3.1.0]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276) [bundleFile:1.0.9]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:852) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:544) [bundleFile:9.4.20.v20190813]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:71) [bundleFile:?]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:536) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1581) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1307) [bundleFile:9.4.20.v20190813]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:293) [bundleFile:?]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:482) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1549) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1204) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [bundleFile:9.4.20.v20190813]
at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80) [bundleFile:?]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.Server.handle(Server.java:494) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:374) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:268) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:367) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:782) [bundleFile:9.4.20.v20190813]
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:918) [bundleFile:9.4.20.v20190813]
at java.lang.Thread.run(Thread.java:834) [?:?]
Caused by: java.io.IOException: error=2, No such file or directory
at java.lang.ProcessImpl.forkAndExec(Native Method) ~[?:?]
at java.lang.ProcessImpl.<init>(ProcessImpl.java:340) ~[?:?]
at java.lang.ProcessImpl.start(ProcessImpl.java:271) ~[?:?]
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1107) ~[?:?]
... 89 more
It’s generally better to start a new thread (including all of the information that’s requested in the template) and reference any old threads that may be relevant. There are many threads that are relevant to what you want to do, but I’ll point you to the tutorial I wrote for OH2.
executeCommandLine is part of the core, so if you just want to send a shell command then you don’t actually need the Exec Binding. You just need your second rule.
I’m guessing that you’re on OH3, in which case you aren’t using the proper syntax. It’s one of a few breaking changes that you need to keep in mind when looking at old discussions that were written for OH2.
No one’s going to mind if you start a new thread and link to an old one you think might be useful, but when you revive an old thread you’ll find that people are less likely to jump in since they don’t want to read the whole thing. Luckily, I was able to guess that you’re on OH3 and quickly spot the problem.
I can’t solve my “sudo” problem even though I’ve been trying for many hours. I am using openHAB 2.5.11-1
I use the following Exec Binding Definition in my things file:
I’d like to add a beautiful way to debug the command when something doesn’t work. The exec binding includes an output channel that contains the last output.
By binding output to an item, you will se the output of the executed command in the common log.
By using the expire binding, it can reset afterwards so that the same output will show up for each execution in the log. Working example for OH3, where the service now is called “openhab.service” without the “2”:
An other root cause for this message can be the sequence of defined entries in sudoers file.
if the output of
sudo -u openhab sudo -l
shows
Matching Defaults entries for openhab on pi:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin, env_keep+=NO_AT_BRIDGE
User openhab may run the following commands on pi:
(ALL) NOPASSWD: /home/alexa/sip.sh
(ALL : ALL) ALL
instead of
Matching Defaults entries for openhab on pi:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin, env_keep+=NO_AT_BRIDGE
User openhab may run the following commands on pi:
(ALL : ALL) ALL
(ALL) NOPASSWD: /home/alexa/sip.sh
then a password is required to be entered.
In case the second output is shown a password needs to be entered for any other command to be executed than sip.sh.