Problems with Exec binding and openhab user permissions

I’ve been playing around with proximity solutions and have settled on pinging smartphones using l2ping. The problem is l2ping needs sudo to run. I can get it to run successfully using the openhabian user and have automated the passing in of the root password. The only place it doesn’t work is executing it within the exec binding. I understand that the exec binding executes with the openhab user, which is a password-less user the OpenHAB system uses. Even if I change permissions on l2ping, it still doesn’t work. It seems like there is something the l2ping process is calling that needs permissions. Does anyone know what else needs modified permissions for the l2ping process? Or has anyone else successfully integrated l2ping using the exec binding?

I’ve tried the following:

  • changing permissions on l2ping itself
  • using visudo to add the openhab user so it doesn’t need a password to run l2ping
  • automatically passing in the password within the bash script
echo SUDOPWD | sudo -S l2ping -c1 -s32 -t1 XX:XX:XX:XX:XX:XX
  • specifying a particular user to be used for sudo
echo SUDOPWD | sudo -S --user=openhabian l2ping -c1 -s32 -t1 XX:XX:XX:XX:XX:XX
  • automatically passing in the password in the Thing command line
echo SUDOPWD | sudo -S /home/openhabian/bluetooth/

Here is the full contents of the script:


# modified from program found on

if $DEBUG ; then
	echo "$TIMESTAMP:  checking to see who is around..."  >> /var/log/openhab2/ping_bt_devices.log 2>&1

# Set the list of devices to ping key=name-that-matches-the-mqtt-topic, value=bluetooth_mac_address
# The name in the value must match the mqtt topic to send the results below
declare -A arr
arr["ben"]="XX:XX:XX:XX:XX:XX" #bens mobile phone
arr+=( ["holly"]="YY:YY:YY:YY:YY:YY") #hollys mobile phone
arr+=( ["tate"]="ZZ:ZZ:ZZ:ZZ:ZZ:ZZ") #tates mobile phone
arr+=( ["summer"]="00:00:00:00:00:00") #summers mobile phone

for key in ${!arr[@]}; do
	# Bluetooth ping attempt
	bt1=$(l2ping -c1 -s32 -t1 "${arr[${key}]}" > /dev/null && echo 1 || echo 0)
	if [[ $bt1 == 1 ]]; then
		device=$(echo "ON")
		device=$(echo "OFF")
	# send the results to mosquitto to be picked up by openhab
	mosquitto_pub -h faniweb -t /at/home/$key -m "$device"
	# logging for debugging purposes
	if $DEBUG ; then
		echo "$TIMESTAMP:  mac: ${arr[${key}]} bt1: $bt1" >> /var/log/openhab2/ping_bt_devices.log 2>&1
		if [ "$device" = "ON" ] ; then
			echo "$TIMESTAMP:  $key Online"  >> /var/log/openhab2/ping_bt_devices.log 2>&1
			echo "$TIMESTAMP:  $key Offline" >> /var/log/openhab2/ping_bt_devices.log 2>&1


Sounds like the issue might be your use of the EXEC binding and not the permissions. If you read this board - this binding is a source of lots of user frustration.

Can you include your exec binding line for your item?
Are you using the “@@” between the binary name and the arguments as discussed in the docs?

Can you include the log file line for this?

You might want to try something else as a proof of concept that doesn’t require any special permissions and then move back to this.

Thanks for the response. I am successfully executing the script using cron to at least get some updates. Now I’m circling back as you suggested to see if I can get exec to work. I’m not sure what you mean by the “@@”. Can you tell me more about that?

My Item has been configured as follows:

Switch  Check_whos_home  "Manual Update"  <status>	{channel="exec:command:at_home:run"}

I configured the Thing using PaperUI. Maybe I should’ve done it manually. It has this in the command section:


The error I get is:

2017-05-12 11:14:06.298 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: 'Can't create socket: Operation not permitted'

When I try to run it as sudo, automatically entering the password and forcing a specific user, I entered the following in the bash script:

echo SUDOPWD | sudo -S --user=openhabian l2ping -c1 -s32 -t1 XX:XX:XX:XX:XX:XX

Then I get the following error:

2017-05-12 12:41:55.103 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: 'We trust you have received the usual lecture from the local System'
2017-05-12 12:41:55.105 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: 'Administrator. It usually boils down to these three things:'
2017-05-12 12:41:55.107 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: ''
2017-05-12 12:41:55.109 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: '    #1) Respect the privacy of others.'
2017-05-12 12:41:55.111 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: '    #2) Think before you type.'
2017-05-12 12:41:55.112 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: '    #3) With great power comes great responsibility.'
2017-05-12 12:41:55.114 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: ''
2017-05-12 12:41:55.115 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: '[sudo] password for openhab: Sorry, try again.'
2017-05-12 12:41:55.117 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: '[sudo] password for openhab: '
2017-05-12 12:41:55.119 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [ERROR]: 'sudo: 1 incorrect password attempt'

If I try to force the password in the command line of the Thing like this:

echo SUDOPWD | sudo -S /home/openhabian/bluetooth/

It doesn’t run or give me an error. The log just says this (I have it logging at the DEBUG level):

2017-05-12 12:44:33.928 [DEBUG] [hab.binding.exec.handler.ExecHandler] - Exec [OUTPUT]: 'SUDOPWD | sudo -S /home/openhabian/bluetooth/'

Oh, I see the “@@” in the OpenHAB1 exec binding. I’ve only been working with the OpenHAB2 exec binding. I’ll try it out and see if it helps. Thanks!

Well, it didn’t like the @@ so I gave up using l2ping. All I want to do is touch specific bluetooth devices and see if they are on. I can do it with sdptool. It works fine using exec as well as through cron. So, I’m using cron to reach out periodically and the exec binding for manual updates. I guess my problem is fixed even though I didn’t really solve how to execute commands using the exec binding with a different user than openhab.

1 Like