After a year of learning I’m setting up my new openHAB / Homematic environment with openHABian (btw: BIG KUDOS to the team, you need to setup openHAB manually first to appreciate openHABian).
I’ve learned last year, that it isn’t a good idea to power up Homematic and openHAB same time uncoordinated, because Homematic is getting problems, when openHAB tries to establish the gateway while Homematic startup hasn’t finished yet. Therefore I have a script, that stops openHAB via ssh, starts Homematic, wait a few minutes and starts openHAB via ssh again. This procedure requires a change in /etc/sudoers, like …
User_Alias REMOTE_CONTROL = openhabian Cmnd_Alias SYSTEM_CTL = /bin/systemctl REMOTE_CONTROL ALL = NOPASSWD: SYSTEM_CTL
After that I can remotely stop and start openHAB:
harald@remotesystem:~$ ssh openhabian@<myopenhab_ip> "sudo systemctl stop openhab2.service" ... wait harald@remotesystem:~$ ssh openhabian@<myopenhab_ip> "sudo systemctl start openhab2.service"
That worked well for a year… Unfortunately in my freshly setup openHABian the NOPASSWD directive is ignored in openHABian so I have to implement a dirty work around, which involves having my supersecret password plaintext in a script:
harald@remotesystem:~$ ssh openhabian@<myopenhab_ip> "echo <myPassword> | sudo -S systemctl stop openhab2.service"
My question: Has openHABian anywhere blocked (by intention) the usage of NOPASSWD in sudoers?