I think systemctl is not the full command you would at least need a * wildcard to allow everything after systemctl. But I would question what I do, doing this.
Short googling:
Best would be to define every command from systemctl which you would like to execute. IMHO.
Ok, I just looked, I believe you can use your command, but need to drop the second sudo.
I never understood what openhab-cli was until a few minutes ago when I looked at the source code. It looks as if the call to openhab-cli is merely a shortcut to execute certain commands. I always execute the commands directly so using the openhab-cli does not help me. Regardless, I would suggest dropping the second 'sudo"
Sorry, I can’t help further as sudo not my expertise. I thought I remembered seeing something about the second sudo figured it was worth giving it a try.
looks like you corrupted your sudoers file possibly. I just modified mine and it all works fine. I was incorrrect you do need the second sudo in the command for what you are doing here. It is when you put it into the exec binding in a rules file I was thinking about one sudo. Sorry.
***I added this to my sudoers file: ““openhab ALL=(ALL) NOPASSWD: ALL””
**Then I executed the openhab-cli command.
[07:43:39] mullen@wifipi:~$ sudo -u openhab sudo openhab-cli start
A systemd service configuration exists...
Use 'sudo /bin/systemctl start openhab2.service' to start an openHAB service
Launching an instance in this terminal..
Launching the openHAB runtime...
Kris is trying to test that the sudo works for the openhab user. He is logged in with the login user. So let’s assume he is logged in as openhabian.
If you break the command down:
sudo -u openhab : run the following command as the openhab user
sudo : I’m now the openhab user but I need to run the next command as root
openhab-cli backup /home/kris/OH2Backup.zip : I’m now root, run this command
Without the second sudo, the openhab-cli is being run as the openhab user which won’t work.
OP is trying to avoid essentially giving the openhab user full root access to everything. That is what that line does. The openhab user can now execute ANY command as root without password.
I think the Cmnd_Alias needs to go above the openhab line. Typically, stuff like that is only available from the line where it is defined and below, not above.
Openhab doesnt have rights, after logging in as suggested by Udo
openhab@openhab2:/lib/systemd/system$ openhab-cli backup /home/kris/OH2Backup.zip
#########################################
openHAB 2.x.x backup script
#########################################
Please run this script as root! (e.g. use sudo)
openhab@openhab2:/lib/systemd/system$