OpenHAB sudo [Exec Binding]

Openhab doesnt have rights, after logging in as suggested by Udo


openhab@openhab2:/lib/systemd/system$ openhab-cli backup /home/kris/OH2Backup.zip


#########################################
       openHAB 2.x.x backup script
#########################################

Please run this script as root! (e.g. use sudo)
openhab@openhab2:/lib/systemd/system$

After adding the home/kris switch to the command and moving it above as suggested by Rich, it now works! Thank you guys

here is mine,

Cmnd_Alias BACKUP = /usr/bin/openhab-cli backup /home/kris/OH2Backup.zip
openhab ALL=(ALL) NOPASSWD: /etc/openhab2/scripts/backup.sh, BACKUP

Sure, you have to use sudo:

openhab@openhab2:/lib/systemd/system$ sudo openhab-cli backup /home/kris/OH2Backup.zip
                                      ^^^^

The setting “NOPASSWD” in sudoers is to enable the user openhab to use the command “sudo” without password for a specific command, but you always have to call sudo.

2 Likes

Spoke too soon thats shown in the openhab console.

if i run the command in the rule , from the CLI it works just fine

sudo -u openhab sudo openhab-cli backup /home/kris/OH2Backup.zip

05:21:14.425 [INFO ] [.smarthome.model.script.Server Backup] - Backup Executed Sorry, user openhab is not allowed to execute '/usr/bin/sudo /etc/openhab2/scripts/backup.sh' as openhab on openhab2.ddns.net.

You don’t need to use sudo -u openhab in a rule, just use

sudo openhab-cli backup /home/kris/OH2Backup.zip

Again, works via CLI butnot the rule

05:32:59.112 [INFO ] [.smarthome.model.script.Server Backup] - Backup Executed Sorry, user openhab is not allowed to execute '/usr/bin/sudo /etc/openhab2/scripts/backup.sh' as openhab on openhab2.ddns.net.

rule "Backup OH2 ready for RClone, in the proceeding rule"
when
        Time cron "0 0 1 ? * * *"
then
        logInfo("Server Backup", "OH2 is being backed up")
        executeCommandLine("sudo openhab-cli backup /home/kris/OH2Backup.zip")
end

I have the following commands:

Thing exec:command:openHabRestart [command="sudo systemctl restart openhab2.service", interval=0, autorun=false]
Thing exec:command:openHabBackup  [command="sudo openhab-cli backup /var/lib/openhab2/backups/backup.zip", interval=0, autorun=false]

wich work fine when I add this line to sudoers:

openhab ALL=(ALL) NOPASSWD: ALL

But I don’t know how “dangerous” this could be in fact of an internet attac or something else. I don’t understand how I can give the user “openhab” permission to only run these commands. Can you please help me?

Thank you!

Yes, this is posiibly dangerous. Better set the correct command, see

1 Like

I hesitate to open a new topic but it’s exactly the same topic and i have almost tried everything in this thread

the openhab service getting restarted without reason

2019-10-30 12:46:33.818 [vent.ItemStateChangedEvent] - PR1_SensorLuminance_LastUpdate changed from 2019-10-30T11:40:31.000+0200 to 2019-10-30T12:46:33.755+0200

==> /var/log/openhab2/openhab.log <==
        at org.apache.felix.scr.impl.Activator.loadComponents(Activator.java:382) ~[?:?]
        at org.apache.felix.scr.impl.Activator.access$200(Activator.java:49) ~[?:?]
        at org.apache.felix.scr.impl.Activator$ScrExtension.start(Activator.java:264) ~[?:?]
        at org.apache.felix.scr.impl.AbstractExtender.createExtension(AbstractExtender.java:196) ~[?:?]
        at org.apache.felix.scr.impl.AbstractExtender.modifiedBundle(AbstractExtender.java:169) ~[?:?]
        at org.apache.felix.scr.impl.AbstractExtender.modifiedBundle(AbstractExtender.java:49) ~[?:?]
        at org.osgi.util.tracker.BundleTracker$Tracked.customizerModified(BundleTracker.java:482) ~[?:?]
        at org.osgi.util.tracker.BundleTracker$Tracked.customizerModified(BundleTracker.java:415) ~[?:?]
        at org.osgi.util.tracker.AbstractTracked.track(AbstractTracked.java:232) ~[?:?]
        at org.osgi.util.tracker.BundleTracker$Tracked.bundleChanged(BundleTracker.java:444) ~[?:?]
        at org.eclipse.osgi.internal.framework.BundleContextImpl.dispatchEvent(BundleContextImpl.java:908) ~[?:?]
        at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) ~[?:?]
        at org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) ~[?:?]
        at org.eclipse.osgi.internal.framework.EquinoxEventPublisher.publishBundleEventPrivileged(EquinoxEventPublisher.java:213) ~[?:?]
        at org.eclipse.osgi.internal.framework.EquinoxEventPublisher.publishBundleEvent(EquinoxEventPublisher.java:120) ~[?:?]
        at org.eclipse.osgi.internal.framework.EquinoxEventPublisher.publishBundleEvent(EquinoxEventPublisher.java:112) ~[?:?]
        at org.eclipse.osgi.internal.framework.EquinoxContainerAdaptor.publishModuleEvent(EquinoxContainerAdaptor.java:168) ~[?:?]
        at org.eclipse.osgi.container.Module.publishEvent(Module.java:476) ~[?:?]
        at org.eclipse.osgi.container.Module.start(Module.java:467) ~[?:?]
        at org.eclipse.osgi.internal.framework.EquinoxBundle.start(EquinoxBundle.java:383) ~[?:?]
        at org.eclipse.osgi.internal.framework.EquinoxBundle.start(EquinoxBundle.java:402) ~[?:?]
        at org.apache.karaf.features.internal.service.BundleInstallSupportImpl.startBundle(BundleInstallSupportImpl.java:165) ~[?:?]
        at org.apache.karaf.features.internal.service.FeaturesServiceImpl.startBundle(FeaturesServiceImpl.java:1153) ~[?:?]
        at org.apache.karaf.features.internal.service.Deployer.deploy(Deployer.java:1036) ~[?:?]
        at org.apache.karaf.features.internal.service.FeaturesServiceImpl.doProvision(FeaturesServiceImpl.java:1062) ~[?:?]
        at org.apache.karaf.features.internal.service.FeaturesServiceImpl.lambda$doProvisionInThread$13(FeaturesServiceImpl.java:998) ~[?:?]
        at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:?]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:?]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:?]
        at java.lang.Thread.run(Thread.java:748) [?:?]
Caused by: java.util.concurrent.TimeoutException: Total timeout 5000 ms elapsed
        at org.eclipse.jetty.client.HttpDestination$TimeoutTask.onTimeoutExpired(HttpDestination.java:527) ~[?:?]
        at org.eclipse.jetty.io.CyclicTimeout$Wakeup.run(CyclicTimeout.java:282) ~[?:?]
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) ~[?:?]
        at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:?]
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) ~[?:?]
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) ~[?:?]
        ... 3 more
2019-10-30 12:38:13.728 [INFO ] [.googletts.internal.GoogleTTSService] - Using cache folder /var/lib/openhab2/cache/org.openhab.voice.googletts
2019-10-30 12:38:15.093 [WARN ] [.googletts.internal.GoogleTTSService] - Audio format OGG_OPUS is not yet supported.

i constated that when checking the openhab service status this error

  [14:26:36] openhab@openhabian:~/config/org/openhab$ sudo systemctl status openhab2
● openhab2.service - openHAB 2 - empowering the smart home
   Loaded: loaded (/usr/lib/systemd/system/openhab2.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2019-10-30 13:19:01 IST; 1h 15min ago
     Docs: https://www.openhab.org/docs/
           https://community.openhab.org
 Main PID: 25800 (java)
   CGroup: /system.slice/openhab2.service
           ├─21072 arping -w 5 -c 1 -I wlan0 209.58.128.135
           └─25800 /usr/bin/java -Dopenhab.home=/usr/share/openhab2 -Dopenhab.conf=/etc/openhab2 -Dopenhab.runtime=/usr/share/openhab2/runtime -Dopenhab.userdata=/var/lib/openhab2 -Dopenha

oct. 30 14:31:34 openhabian sudo[20140]: pam_unix(sudo:session): session closed for user root
oct. 30 14:31:44 openhabian sudo[20240]:  openhab : TTY=unknown ; PWD=/var/lib/openhab2 ; USER=root ; COMMAND=/usr/bin/python /etc/openhab2/scripts/Switcher-V2-Python/switcher.py 2
oct. 30 14:31:44 openhabian sudo[20240]: pam_unix(sudo:session): session opened for user root by (uid=0)
oct. 30 14:31:48 openhabian sudo[20240]: pam_unix(sudo:session): session closed for user root
oct. 30 14:32:48 openhabian sudo[20595]:  openhab : TTY=unknown ; PWD=/var/lib/openhab2 ; USER=root ; COMMAND=/usr/bin/python /etc/openhab2/scripts/Switcher-V2-Python/switcher.py 2
oct. 30 14:32:48 openhabian sudo[20595]: pam_unix(sudo:session): session opened for user root by (uid=0)
oct. 30 14:32:52 openhabian sudo[20595]: pam_unix(sudo:session): session closed for user root
oct. 30 14:33:52 openhabian sudo[20909]:  openhab : TTY=unknown ; PWD=/var/lib/openhab2 ; USER=root ; COMMAND=/usr/bin/python /etc/openhab2/scripts/Switcher-V2-Python/switcher.py 2
oct. 30 14:33:52 openhabian sudo[20909]: pam_unix(sudo:session): session opened for user root by (uid=0)
oct. 30 14:33:56 openhabian sudo[20909]: pam_unix(sudo:session): session closed for user root

see below sudo visudo

This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

dataplicity ALL=(ALL) NOPASSWD: /sbin/reboot
#openhab ALL=NOPASSWD: /etc/openhab2/scripts/*

i have created a file

sudo visudo -f /etc/sudoers.d/nopasswordneeded
with only this row but i am still getiing this issue

openhab ALL=(ALL) NOPASSWD: ALL

i know that i should limit the scope of the openhab user as below but it do not work

openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_gil_work.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_gil_home.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_karen_work.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_karen_home.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_netanyatoraanana.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/w_raananatonetanya.py
openhab openhabian ALL=(ALL) NOPASSWD: /usr/bin/python /etc/openhab2/scripts/Switcher-V2-Python/switcher.py

Any ideas?

Hi all,

I know this is old topic but it is very related to what I am trying to do.
I am trying to restart service that is running on the same rPi 4 as the openhabian but I can’t doesn’t work.
I created file in the etc/sudoers.d containing the following:

openhab ALL=(ALL) NOPASSWD: /bin/systemctl start ring
openhab ALL=(ALL) NOPASSWD: /bin/systemctl restart ring
openhab ALL=(ALL) NOPASSWD: /bin/systemctl status ring

I did try to execute the commands as openHab user via the ssh connection and it works fine:

  1. Login as openhab as described above
  1. I do not get any prompts for password when I execute the commands defined in the openhab sudoers file via ssh connection. The commands execute correctly:

    [01:07:07] openhab@openHABianDevice:/etc/sudoers.d$ sudo systemctl restart ring
    [01:20:33] openhab@openHABianDevice:/etc/sudoers.d$ sudo /usr/bin/systemctl status ring
    ● ring.service - Ring Service
       Loaded: loaded (/lib/systemd/system/ring.service; enabled; vendor preset: enabled)
       Active: active (running) since Thu 2021-01-28 01:20:33 CET; 3s ago
     Main PID: 17152 (python3)
        Tasks: 1 (limit: 4915)
       CGroup: /system.slice/ring.service
               └─17152 /usr/bin/python3 /opt/ring/ring.py
    
  2. I configured the exec binding as follows (I tried different variations of the commands with or without the path /bin/ or /usr/bin/ before sudo and systemctl). All the commands were whitelisted:

      Thing exec:execRingStart:remote-send [
                 command="sudo systemctl restart ring",
                 interval=0,
                 autorun=true]
    
      Thing exec:execRingStatus:remote-send [
                 command="sudo systemctl status ring",
                 interval=0,
                 autorun=true]
    

My rules are as follows:

rule "ring:Service restart"
when
    Item itmRingHeartbeatON received update OFF or
    Time cron "0 0/5 * 1/1 * ? *"   // Test every 5 minutes
then
    //if (itmRingHeartbeatON.state != ON) {
        Ring_Remote_Send.sendCommand(ON)
        logInfo("FILE","ring:Service restart| Restart ring service")
        
        Thread::sleep(3000)
        logInfo("FILE","ring:Service restart| Result :" + Ring_Remote_Send_Out.state)
        Ring_STSRemote_Send.sendCommand(ON)

        Thread::sleep(3000)
        logInfo("FILE","ring:Service restart| Result :" + Ring_STSRemote_Send_Out.state)
   // }
end


rule "ring:Service restart2"
when
    Item TestSwitch received update ON
then
    val results = executeCommandLine("/bin/sudo /bin/systemctl restart ring")
    logInfo("Test", results)

end

When I execute the first rule nothing happens (I don’t see any errors in the log, but also the service is not restarted)

2021-01-28 01:05:00.289 [INFO ] [openhab.event.ItemCommandEvent      ] - Item 'Ring_Remote_Send' received command ON
2021-01-28 01:05:00.291 [INFO ] [penhab.event.ItemStatePredictedEvent] - Item 'Ring_Remote_Send' predicted to become ON
2021-01-28 01:05:03.307 [INFO ] [openhab.event.ItemCommandEvent      ] - Item 'Ring_STSRemote_Send' received command ON
2021-01-28 01:05:03.310 [INFO ] [penhab.event.ItemStatePredictedEvent] - Item 'Ring_STSRemote_Send' predicted to become NULL

when I execute the 2nd which is there only for testing, I get exception:

2021-01-28 01:18:04.957 [WARN ] [rg.openhab.core.io.net.exec.ExecUtil] - Error occurred when executing commandLine '[/bin/sudo /bin/systemctl restart ring]'
java.io.IOException: Cannot run program "/bin/sudo /bin/systemctl restart ring": error=2, No such file or directory
	at java.lang.ProcessBuilder.start(ProcessBuilder.java:1128) ~[?:?]
	at java.lang.ProcessBuilder.start(ProcessBuilder.java:1071) ~[?:?]
	at org.openhab.core.io.net.exec.ExecUtil.executeCommandLine(ExecUtil.java:59) [bundleFile:?]
	at org.openhab.core.model.script.actions.Exec.executeCommandLine(Exec.java:40) [bundleFile:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
	at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
	at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.invokeOperation(XbaseInterpreter.java:1176) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.invokeOperation(XbaseInterpreter.java:1151) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._invokeFeature(XbaseInterpreter.java:1137) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.invokeFeature(XbaseInterpreter.java:1082) [bundleFile:?]
	at org.openhab.core.model.script.interpreter.ScriptInterpreter.invokeFeature(ScriptInterpreter.java:151) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._doEvaluate(XbaseInterpreter.java:992) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._doEvaluate(XbaseInterpreter.java:955) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.doEvaluate(XbaseInterpreter.java:236) [bundleFile:?]
	at org.openhab.core.model.script.interpreter.ScriptInterpreter.doEvaluate(ScriptInterpreter.java:226) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.internalEvaluate(XbaseInterpreter.java:216) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._doEvaluate(XbaseInterpreter.java:917) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.doEvaluate(XbaseInterpreter.java:276) [bundleFile:?]
	at org.openhab.core.model.script.interpreter.ScriptInterpreter.doEvaluate(ScriptInterpreter.java:226) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.internalEvaluate(XbaseInterpreter.java:216) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter._doEvaluate(XbaseInterpreter.java:459) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.doEvaluate(XbaseInterpreter.java:240) [bundleFile:?]
	at org.openhab.core.model.script.interpreter.ScriptInterpreter.doEvaluate(ScriptInterpreter.java:226) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.internalEvaluate(XbaseInterpreter.java:216) [bundleFile:?]
	at org.eclipse.xtext.xbase.interpreter.impl.XbaseInterpreter.evaluate(XbaseInterpreter.java:202) [bundleFile:?]
	at org.openhab.core.model.script.runtime.internal.engine.ScriptImpl.execute(ScriptImpl.java:80) [bundleFile:?]
	at org.openhab.core.model.script.runtime.internal.engine.DSLScriptEngine.eval(DSLScriptEngine.java:125) [bundleFile:?]
	at org.openhab.core.automation.module.script.internal.handler.ScriptActionHandler.lambda$0(ScriptActionHandler.java:62) [bundleFile:?]
	at java.util.Optional.ifPresent(Optional.java:183) [?:?]
	at org.openhab.core.automation.module.script.internal.handler.ScriptActionHandler.execute(ScriptActionHandler.java:59) [bundleFile:?]
	at org.openhab.core.automation.internal.RuleEngineImpl.executeActions(RuleEngineImpl.java:1179) [bundleFile:?]
	at org.openhab.core.automation.internal.RuleEngineImpl.runNow(RuleEngineImpl.java:1031) [bundleFile:?]
	at org.openhab.core.automation.internal.RuleEngineImpl.runNow(RuleEngineImpl.java:1047) [bundleFile:?]
	at org.openhab.core.automation.rest.internal.RuleResource.runNow(RuleResource.java:314) [bundleFile:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
	at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
	at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
	at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179) [bundleFile:1.0.9]
	at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) [bundleFile:1.0.9]
	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:201) [bundleFile:1.0.9]
	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:104) [bundleFile:1.0.9]
	at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59) [bundleFile:1.0.9]
	at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96) [bundleFile:1.0.9]
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) [bundleFile:1.0.9]
	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [bundleFile:1.0.9]
	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267) [bundleFile:1.0.9]
	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234) [bundleFile:1.0.9]
	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208) [bundleFile:1.0.9]
	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160) [bundleFile:1.0.9]
	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216) [bundleFile:1.0.9]
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301) [bundleFile:1.0.9]
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:220) [bundleFile:1.0.9]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [bundleFile:3.1.0]
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276) [bundleFile:1.0.9]
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:852) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:544) [bundleFile:9.4.20.v20190813]
	at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:71) [bundleFile:?]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:536) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1581) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1307) [bundleFile:9.4.20.v20190813]
	at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:293) [bundleFile:?]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:482) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1549) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1204) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [bundleFile:9.4.20.v20190813]
	at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80) [bundleFile:?]
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.Server.handle(Server.java:494) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:374) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:268) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:367) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:782) [bundleFile:9.4.20.v20190813]
	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:918) [bundleFile:9.4.20.v20190813]
	at java.lang.Thread.run(Thread.java:834) [?:?]
Caused by: java.io.IOException: error=2, No such file or directory
	at java.lang.ProcessImpl.forkAndExec(Native Method) ~[?:?]
	at java.lang.ProcessImpl.<init>(ProcessImpl.java:340) ~[?:?]
	at java.lang.ProcessImpl.start(ProcessImpl.java:271) ~[?:?]
	at java.lang.ProcessBuilder.start(ProcessBuilder.java:1107) ~[?:?]
	... 89 more

Any ideas?
Thanks

It’s generally better to start a new thread (including all of the information that’s requested in the template) and reference any old threads that may be relevant. There are many threads that are relevant to what you want to do, but I’ll point you to the tutorial I wrote for OH2.

executeCommandLine is part of the core, so if you just want to send a shell command then you don’t actually need the Exec Binding. You just need your second rule.

I’m guessing that you’re on OH3, in which case you aren’t using the proper syntax. It’s one of a few breaking changes that you need to keep in mind when looking at old discussions that were written for OH2.

Thanks @rpwong,
You are right, I am on OH3 so, putting the quotes solved the problem with my 2nd rule

val results = executeCommandLine("sudo", "systemctl", "restart", "ring")

Good stuff.

No one’s going to mind if you start a new thread and link to an old one you think might be useful, but when you revive an old thread you’ll find that people are less likely to jump in since they don’t want to read the whole thing. Luckily, I was able to guess that you’re on OH3 and quickly spot the problem. :wink:

1 Like

Thanks, will do so the next time

Hi all!

I can’t solve my “sudo” problem even though I’ve been trying for many hours. I am using openHAB 2.5.11-1
I use the following Exec Binding Definition in my things file:

Thing exec: command: ipc_ns_read [command = "perl /opt/TM/x.pl",transform="REGEX((.*?))", Interval = 3, timeout = 5, autorun = true] 

It works great! Now I’m trying to use “sudo” in my command because I’ll need that later.

Thing exec: command: ipc_ns_read [command = "sudo perl /opt/TM/x.pl",transform="REGEX((.*?))", Interval = 3, timeout = 5, autorun = true] 

The return value of the item is:

"We trust you have received the usual lecture from the local System ........ etc."

Calling the script from the command line as user openhabian works without any problems:

openhabian @ openHABianDevice: ~ $ sudo perl /opt/TM/x.pl

The following line is entered in /etc/sudoers.d/openhabian:

openhabian ALL = (ALL: ALL) NOPASSWD: ALL

I don’t understand why it works from the shell command line and not in the exec binding. Does anyone have a helpful idea?

Thanks Tom

Perhaps it’s not running under user openhabian. The end of the “lecture” message will tell you.

Thanks for your response!

The end of the lecture is sudo: no tty present and no askpass program specified

I do not understand what this means about the running user.
If I create a new file in my script it is created under the user ‘openhabian’

Oh yes, that’s less helpful than I imagined.

You logged into the console is not necessarily the same user that the openhab service is running under.

Oh! Can you help me to find out which user the openhab service is running?
I thought the user who created a file is the right one.

Thanks, Tom

No, I don’t know *nix systems.

If you look further up the thread you joined, you’ll see that ‘openhab’ would be a good guess.