Your Buster installation has configured user pi to not ask for a password. This can be done in openHABian too, but needs deeper linux / visudo knowledge…
Google has a lot of information on how to do this.
that you already did.
Remember:
- user openhab needs to be member of the sudo group
- check if it is a member of sudo is to run: id openhab
- reply to that command will show the groups the user is a member of ( see earlier posts )
see the above command id that show the same output ( group member sudo ) for the user pi
As you write in case you put the command into a comment the reason must be tty output and not the askpass ( I assume ). You have a second sudo command active - correct ? If that is the case and although the command is active the reason for the warning/error message must be the STDOUT/STDERR output.
Try:
sudo ip neigh flush dev eth0 ${IP} >/dev/null 2>&1
Hi,
I changed /etc/sudoers with visudo and reboot the system.
openhabian@openHABianDevice:~ $ sudo more /etc/sudoers
[sudo] Passwort für openhabian:
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
openhab ALL=(ALL:ALL) ALL
openhabian ALL=(ALL:ALL) ALL
As you can see I add at the end of the file the users “openhab” and “openhabian”
So It is descripted for example here:
And you can see that after the “sudo more /et…” command that the system ask for password…
So my question is there anything else to do in openhabain to bring sudo to work without asking for passwords.
Thank you
Cheers
Stef
Hi Wolfgang,
Using:
sudo ip neigh flush dev eth0 ${IP} >/dev/null 2>&1
the wrning is gone
Thank you very much
Cheers
Stef
1 Like
This
is redundant as you already have
and according to post Sudo: Kein TTY vorhanden und kein »askpass«-Programm angegeben - #11 by sjheinz openhab was already a member of sudoers at that time. openhabian is a member of sudoers by default.
Of course this redundancy doesn’t matter and it works.
Check the following please, you need to add NOPASSWD
https://kofler.info/sudo-ohne-passwort/
1 Like
Hi,
yes that is the solution adding “NOPASSWD:” - Thank you very much.
For all readers:
the solution in generell to avoid any warning using scriupts in openhab underneath /etc/openhab2/scripts/ is adding:
openhab ALL=(ALL:ALL) NOPASSWD: ALL
openhabian ALL=(ALL:ALL) NOPASSWD: ALL
in /etc/sudoers using “sudo visudo”
So finally I ask myself why is this not integrated in openhabain releases to avoid “stupid” typing passwords for openhabian user because you´ll often instructed to use sudo … in several community articles. Maybe this is to avoid errors having a break while typing the password. But in my eyes this works for only for 3 till 5 starting events. Later also the effect to memorize openhabians password is gone also 
And secound in m eyes openhab has to be a memeber of sudoers that avoird any warning when using scripts as we can learn from this discussion.
Cheers and many thanks to hmerk and Wolfgang_S for very kindly and fast and very good support
Cheers
Stef
Maybe a maintainer updates new openhabian images with this work around.
executeCommandLine() is considered a tool for advanced users.
Disabling password protection for possibly no purpose is not a good security practice.
Hi rossko57,
if anybody is able to get in the system this guy is for shure able to use visudo command as well as all other commands without using/editing sudoers file!
sometimes the highly security argument is in my eyes beyond the borders.
Cheers
Stef
This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.