OpenHAB sudo [Exec Binding]

wezzix · February 4, 2022, 12:39pm

I’d like to add a beautiful way to debug the command when something doesn’t work. The exec binding includes an output channel that contains the last output.
By binding output to an item, you will se the output of the executed command in the common log.
By using the expire binding, it can reset afterwards so that the same output will show up for each execution in the log.
Working example for OH3, where the service now is called “openhab.service” without the “2”:

Prerequisite: Install the exec binding.

Terminal:

> sudo visudo /etc/sudoers.d/010_pi-nopasswd
Cmnd_Alias SHUTDOWN_CMDS = /bin/systemctl restart openhab.service
openhab ALL=(ALL) NOPASSWD: SHUTDOWN_CMDS

misc/exec.whitelist:

sudo /bin/systemctl restart openhab.service

things/system.things

Thing exec:command:openhab_restart [command="sudo /bin/systemctl restart openhab.service", interval=0, autorun=true]

items:

Switch openhab_restart "Restart Openhab" {channel="exec:command:openhab_restart:run"}
String openhab_restart_output "Restart Openhab" {channel="exec:command:openhab_restart:output",expire="1s,command=done"}
Number openhab_restart_exit "Restart Openhab" {channel="exec:command:openhab_restart:exit",expire="1s,command=0"}

sitemap:

Switch item=openhab_restart mappings=[ON="Restart"]

Wolfgang_S · June 20, 2022, 5:44pm

Josar:

If by any chance you see something like this
  sudo: no tty present and no askpass program specified 
in the log of OpenHAB you did not execute the sudo command for OpenHAB within a terminal as described above. I

An other root cause for this message can be the sequence of defined entries in sudoers file.
if the output of

sudo -u openhab sudo -l

shows

Matching Defaults entries for openhab on pi:
    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin, env_keep+=NO_AT_BRIDGE

User openhab may run the following commands on pi:
    (ALL) NOPASSWD: /home/alexa/sip.sh
    (ALL : ALL) ALL

instead of

Matching Defaults entries for openhab on pi:
    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin, env_keep+=NO_AT_BRIDGE

User openhab may run the following commands on pi:
    (ALL : ALL) ALL
    (ALL) NOPASSWD: /home/alexa/sip.sh

then a password is required to be entered.
In case the second output is shown a password needs to be entered for any other command to be executed than sip.sh.