Sudo: Kein TTY vorhanden und kein »askpass«-Programm angegeben

Hi all,
i have a fresh installation of openhabian 1.6.2 using a Rapsberry PI 3B. I use system 2.5.11 on which I restore an earlier configuration with the reported command:
sudo $OPENHAB_RUNTIME/bin/restore ~/myBackup.zip

Now ich see frequently following message in the log:

sudo: Kein TTY vorhanden und kein »askpass«-Programm angegeben

Wir gehen davon aus, dass der lokale Systemadministrator Ihnen die
Regeln erklärt hat.  Normalerweise läuft es auf drei Regeln hinaus:

    #1) Respektieren Sie die Privatsphäre anderer.
    #2) Denken Sie nach, bevor Sie tippen.
    #3) Mit großer Macht kommt große Verantwortung.

sudo: Kein TTY vorhanden und kein »askpass«-Programm angegeben

Please can anybody help me what to change in the brand new openhabian installation to clear/change the system that this message did not come up anymore.
I is for me not really clear if this is an error or a warning or what happens behind this message means if this system behaviour could cause any trouble…

Thanks all for helping me
Cheers
Stef

Do you use sudo in one of your rules ?
For more information about this error message e.g. have a look at ssh - sudo: no tty present and no askpass program specified - Ask Ubuntu

Hi,

I use sudo in script: findmyiphone":
# path to log file - to use logging, uncomment all lines containing ‘echo >> logfile’
LOGFILE=/etc/openhab2/scripts/iphone.log

# exit immediately if no parameters supplied
if [ $# -lt 2 ]
  then
    echo `date '+%F %T'` - Required parameters not specified >> ${LOGFILE}
    echo "UNDEF"
    exit 1
fi

# Set variables
IP=$1
MAC=$2

echo `date '+%F %T'` - Script started for ${IP} and ${MAC} >> ${LOGFILE}

COUNT=0
while [ ${COUNT} -lt ${MAXRETRIES} ];
do

  # Change dev and eth0 if needed
  sudo ip neigh flush dev eth0 ${IP}

  sudo hping3 -q -2 -c 10 -p 5353 -i u1 ${IP} >/dev/null 2>&1
  sleep .1

  # Only arp specific device, grep for a mac-address
  STATUS=`arp -an ${IP} | awk '{print $4}' | grep -i "${MAC}"`

  if [ ${#STATUS} -eq 17 ]; then
      # exit when phone is detected
	  
	  echo `date '+%F %T'` - Phone detected >> ${LOGFILE}
	  
      echo "ON"
      exit 0
  fi
  let COUNT=COUNT+1
  sleep .1
done

# consider away if reached max retries

echo `date '+%F %T'` - Phone not detected >> ${LOGFILE} 
echo "OFF"

I read the artikle you linked me to … can you help me with the solution:

wether

You need to define terminal/application that will read the password. There are two variants:

  1. export SUDO_ASKPASS=/usr/libexec/openssh/ssh-askpass

nor

  1. vim /etc/sudoers (Defaults visiblepw)

works unluckily.

Can anybody give me a workaround for openhabian 1.6.2 and later?

Thanks a lot
Cheers
Stef

Is the openhab user member of the sudo group ?

grep openhab /etc/group

needs to look similar to

sudo:x:27:debian,myopenhabian,openhab

REMARK: it is required to run e.g. hping3 with higher privileges; nevertheless keep in mind that adding openhab to the sudo group could open potential security risks.

Other possibility to check if openhab is member of the sudo group:

id openhab

result should look similar to

uid=117(openhab) gid=123(openhab) groups=123(openhab),5(tty),20(dialout),27(sudo),29(audio),112(bluetooth)

In case openhab is not member of that group you may add it by e.g. using an editor to edit the file /etc/group. Or you can use the command

sudo usermod --append --groups sudo openhab

After that restart openhab service:

sudo systemctl restart openhab

Did a trial here and it looks like this should resolve it.

Hi,
thank you for detailed instruction. I have checked the id:
The output is:

 $ id openhab
uid=110(openhab) gid=115(openhab)  Gruppen=115(openhab),5(tty),20(dialout),29(audio),112(bluetooth),997(gpio)

~ $ id openhabian
uid=1000(openhabian) gid=115(openhab) Gruppen=115(openhab),4(adm),5(tty),20(dialout),24(cdrom),27(sudo),29(audio),44(video),46(plugdev),60(games),100(users),105(input),109(netdev),112(bluetooth),999(spi),998(i2c),997(gpio),1000(openhabian)

If I understand correctly openhab as well as openhabian is already a member of “27 (sudo)” and “5(tty)” .
So in my eyes it looks correct but never the less I have the reported issue in INFO Log and sudo requests all the time a password veryfication.

Any other idea to fix?

Thanks a lot

Cheers
Ste

So from what you have posted I am not able to see that openhab is member of the sudo group.

Hi,
correct
How do I get “openhab” a member of 27(sudo) ?

Thanks
S

See the 4th post in this thread or click on this link Sudo: Kein TTY vorhanden und kein »askpass«-Programm angegeben - #4 by Wolfgang_S .
In case the instructions are not clear enough let me know.

Hi, thank you for quick response.
This I have allready tried but without any affort.
Any other suggestions?
Thanks
Cheers
Stef

what does that mean ? openhab is not member of the sudo group after following the steps or openhab is member of the sudo group but you still see the same error message ?

there is no other way to make openhab member of the sudo group.

Once openhab is member of the sudo group a restart of the openhab service is required to make the service aware of this change.

Hi, tried again and now:

so seems to look good
after restart openhab service sill

the warning…

any suggestions for needed changes in openhabian release 1.6.2b (still on raspi 3 B)
And thanks a lWolfgang for “id openhab” etc.
Cheers
Stef

as far as I remember and I wrote I did a test some days ago which looked ok.
The only information that I do not see / find here in the thread is how do you execute the shell script.
Do you use the exec binding, executeCommandLine or how do you run the script from within your rule ?

Hi,

I execute the script, which is underneath /etc/openhab2/scripts: “findiphone.sh” by a rule that is placed underneath /etc/openhab2/rules: “iphone.rules” and “iphone2.rules” .
Both files are attached - not possible because of the regulation of the board which not allow to upload files… not good …
rule:
rule “Find iPhone 2”

when
    Time cron "0 */7 * * * ? *" // every 7 minutes
then
    val Number timeout = 10*1000 // give the script some time to finish, to capture the result
    // replace 0.0.0.0 with your ip address
    // replace 00:00:00:00:00:00 with your mac address
    // var String result1 = executeCommandLine('/etc/openhab2/scripts/findiphone.sh@@0.0.0.0@@00:00:00:00:00:00', timeout.intValue)

    var String result1 = executeCommandLine('/etc/openhab2/scripts/findiphone.sh@@192.168.111.12@@60:7e:c9:54:32:d7 ', timeout.intValue)

	stefsphone1.postUpdate(result1)
	iPhone2.postUpdate(result1)
	Welcome_Stef_AtHome.postUpdate(result1)

	logInfo("iphone2.rules", "iphone2.rules run")

end

script:
#!/bin/bash

# detect iphone by IP and MAC address.
# use MAC address too, to prevent false positives if IP might change
# return ON or OFF so output can be directly bound to a switch item

# number of retries, less is faster, but less accurate
MAXRETRIES=20

# path to log file - to use logging, uncomment all lines containing 'echo >> logfile'
LOGFILE=/etc/openhab2/scripts/iphone.log

# exit immediately if no parameters supplied
if [ $# -lt 2 ]
  then
    echo `date '+%F %T'` - Required parameters not specified >> ${LOGFILE}
    echo "UNDEF"
    exit 1
fi

# Set variables
IP=$1
MAC=$2

echo `date '+%F %T'` - Script started for ${IP} and ${MAC} >> ${LOGFILE}

COUNT=0
while [ ${COUNT} -lt ${MAXRETRIES} ];
do

  # Change dev and eth0 if needed
  sudo ip neigh flush dev eth0 ${IP}

  sudo hping3 -q -2 -c 10 -p 5353 -i u1 ${IP} >/dev/null 2>&1
  sleep .1

  # Only arp specific device, grep for a mac-address
  STATUS=`arp -an ${IP} | awk '{print $4}' | grep -i "${MAC}"`

  if [ ${#STATUS} -eq 17 ]; then
      # exit when phone is detected
	  
	  echo `date '+%F %T'` - Phone detected >> ${LOGFILE}
	  
      echo "ON"
      exit 0
  fi
  let COUNT=COUNT+1
  sleep .1
done

# consider away if reached max retries

echo `date '+%F %T'` - Phone not detected >> ${LOGFILE} 
echo "OFF"

I checked the permissions: all files underneath /etc/openhab2 are owned by openhab:openhab

That is the only script I bring in… Not shure if anything else cause the warning

Thank you
Cheers
Stef

There are two lines in the bash script that make use of the sudo command.
These should be the root cause for the message.
While you do a redirect of STDOUT and STDERR for sudo hping3 you do none of them for sudo ip command. I would suggest:
a) that you also do redirection for sudo ip command
in case that does not help
b) put one after another of these commands into a comment to check if both or one of the cause the message

Hi, I treid both without any impact.

But I red the system warning again:

sudo: Kein TTY vorhanden und kein »askpass«-Programm angegeben
ON’ to a state type which item ‘stefsphone1’ accepts: [OnOffType, UnDefType].
2021-02-10 12:39:00.717 [WARN ] [rthome.model.script.actions.BusEvent] - Cannot convert ’
Wir gehen davon aus, dass der lokale Systemadministrator Ihnen die

Are we shure to be on the right way…
Maybe the warning comes from the MAP: map-file “home.map”:

ON=at Home
OFF=Away
-=-
undefined=-
uninitialized=-
NULL=-

in the item definition of the iphones in the itemfile: “ipohne.items”:

Switch stefsphone1	 "iPhone 1 [MAP(home.map):%s]" <present>    		(gPresenceDevices,gPresenceHome,gPresens)
Switch iPhone2	 "iPhone 2 [MAP(home.map):%s]" <present>			(gPresenceDevices,gPresenceHome,gPresens)
// items
Switch	Welcome_Stef_AtHome     	"Stef is [MAP(home.map):%s]"		(gPresens)
//

Maybe there is a mistake or the mapping goes wrong.

Thanks
Cheers

The MAP you have shown s only used to map the Item state for display.
The error message you have shown is what the rule tried to update the Item with. The update
Wir gehen davon aus, dass der lokale Systemadministrator Ihnen die
is not ON or OFF, so it fails to update the switch type Item stefsphone1

Sorry I can not follow the quotation in your answer.
The system gives me a warning with the message of a missing TTY…
The script should change a “virtuell” switch from ‘ON’ to ‘OFF’ …

Script, rule and item worked fine in openhab 2.5.11 in my old installation!
What must I change to bring it up to run in openhabian 1.6.2b out of the box?

Thanks

Stefan Heinz


Hinweis: Der Inhalt dieser eMail ist vertraulich und ausschließlich für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene Adressat dieser eMail sein sollten, setzen Sie sich bitte mit dem Absender der eMail oder unter der angegebenen Telefonnummer in Verbindung und vernichten Sie diese eMail auf Ihren Speichermedien.

Notice: The information contained in this email is confidential. It is intended solely for the addressee named above. If you are not the intended recipient, please notify the sender immediately and destroy this message on any media of yours.

Send mobile

I’m trying to show you that - No, the problem has nothing to do with your MAP file.

Sudo is looking for a TTY - a console - to ask you for a password.

Hi,
I follow the hint to put one after the other command into a comment.
So when I comment
# sudo ip neigh flush dev eth0 ${IP}
then the TTY warning is gone!
What must I du to “redirection for sudo ip command” ? Is this “>/dev/null” ?

Sorry if I´m not so familiar with linux and “STDOUT and STDERR” …

Thanks
Stef

Hi,
thank you for the explanation that sudo looks for a password input. That behaviour I can see using a bash.
What is to do to make “sudo” not asking for a passwort in openhabian release?
In my “normal” raspian “Buster” installation you can use sudo as user pi without been asked for a password.
So what is different in openhabian?
Thanks for explain to me
Cheers
S