I have written a script to restart a bundle inside of openhab
The script works just the way i intend it to when i launch it from my terminal, but when i try to execute it from openhab it doesn’t restart the bundle, I’m positive that it executes the script (tried to execute other things in the script and that works fine).
I’m starting to wonder if it’s some problems with my key certificate.
And if i execute the script from terminal i get the following in the logs:
17:04:11.437 [INFO ] [b.core.service.AbstractActiveService] - IHC / ELKO LS refresh and notification listener service has been shut down
17:04:15.509 [INFO ] [b.core.service.AbstractActiveService] - IHC / ELKO LS refresh and notification listener service has been started
17:04:15.509 [INFO ] [nhab.binding.ihc.internal.IhcBinding] - Connecting to IHC / ELKO LS controller [IP=’’ Username=’’ Password=’’].
If i edit the script with "say 'hello world’
It speaks from my mac when i execute it from openhab, so it’s being executed alright.
Anyone out there who could help me get further, perhaps with the right certificates or what not. ?
So yeah it looks like it’s a problem in my keys then it’s just down to how to fix it.
I’m looking at your link and I’m note sure if i can use all of it since i’m on a mac.
Trying to ssh but the host is not part of the openhab user’s known hosts. Either copy the .ssh folder from your usual account to ~/openhab/.ssh (changing permissions and ownership of course) or run sudo -u openhab /usr/bin/ssh user@host and typing “yes” when ssh asks if you want to accept the ssh key.
I don’t have a openhab user on my mac.
When I start openhab as a service I use sudo, but the key I have paired with openhab is my primary user.
sudo -u myuser /usr/bin/ssh openhab@localhost
If I write this in terminal I’m asked for a password, but neither my normal root password nor habopen works
Well, as long as you run openhab using sudo this is the only solution.
A better solution, particularly if you plan on running openHAB all the time, would be to create an openhab user and run openHAB under that user. Then configure that user with the ssh keys.
The risk is if OH is successfully attacked and it is running as root, the attacker will have full root access to your machine. If openHAB runs as some other user, the attacker can only do what that user can do. You can then limit what that user can do to make you system safer.
I haven’t tried it since I don’t use the Rule DSL but I don’t know why the rule engine wouldn’t have access. JMX is a core Java API so I’d guess it should be accessible by the rules classloader. I’ve done quite a lot with JMX in JSR223 rules so I’m about 99% sure it would be possible to reload bundles that way (but, again, I haven’t tried it).
I thought it would require a specific library from Karaf. If it is part of the core API then you should be able to access it. If you figure out a posting in the Tutorials and Examples section would be wonderful.
JSR223 has A LOT more access to things than the Rules DSL so I wouldn’t be that certain. But if everything you need is a core Java package you should be OK.
Just to be clear, I’m 99% sure that JSR223 rules can do it. I’m not nearly as sure that the crippled DSL rule engine can do it. However, if I used that rules engine I’d at least try the JMX API from a rule before using the ssh workaround.