A best practice followed by some is instead of editing default files like this to instead create a file in sudoers.d. This prevents your edits from being wiped out when sudo gets updated.
However, just focus on getting back to normal now. Worry about best practices when you have time. Just remember if it stops working sometime in the future for some unknown reason it might be because your changes got wiped out during an update.
This was created by the nano editor when you used nano to edit the /etc/sudoers file (wrongly ) (*.save = a nano emergency file where its buffer gets dumped)
If your /etc/sudoers file is back to normal and all is working ok, you can safely delete the /etc/sudoers.save file
Unsure if it is āokā now.
i mean Iām not locked out of sudo anymore by having that joe file dumped into the sudoers.d directory. That was a fun learning experience Iāll never repeat.
That file should work i assume based on everything iāve read, but i still canāt run the script through openhab.
Based on the openhab log it seems like it runs it.
By the way, (for future reference): It didnāt work because: You set the owner of the script file to the openhab user. This means that it would run with the openhab user privileges even if another user executed it (this is the purpose of the setuid). Thatās why I mentioned that you should change the owner to root for this file.
PolicyKit is an alternative method for allowing no-privileged users to execute privileged commands. In addition to or instead of just giving permission to openhab in sudoers you need to update the PolicyKit policy to allow it as well.
Iāve never done this but surely there is a tutorial out there somewhereā¦
Do you have a sudo inside your ShutDown.sh script? If so, as I suspect, this means that your sudoers is still not configured to allow openhab to sudo without a password.
Iām weary to change the default openhab pw; rather leave it intact.
I can try changing the script to shutdown and the sudoers file to /shutdown later and see what happens.
If that doesnāt work, perhaps its not in the cards for me.
There is always a way but it needs trial and error.
It is not easy (and it should not be) to give elevated privileges (like reboot) to a regular linux userā¦ Imagine having a multi-user environment where people have multiple files open and processes running and 1 user issues the reboot command
Yep. It is PolicyKit that is preventing the openhab user from doing anything. We can edit sudoers all day but if the policy in policykit doesnāt get updated to allow it openhab will simple never be able to run those commands.