Turn ON and OFF Logging from UI

Hi there,

for those how need i made a solution to turn ON/OFF logging from UI

first please check if you have “sshpass” on your raspi.
If not, first install it:

sudo apt-get install sshpass

after that you need two scripts that you have to put in your openhab scripts folder:

karaflog-to-info.sh: (switch on logging)

#!/bin/bash
sshpass -p habopen ssh -tt -p 8101 -o StrictHostKeyChecking=no openhab@localhost log:set INFO org.eclipse.smarthome
sshpass -p habopen ssh -tt -p 8101 -o StrictHostKeyChecking=no openhab@localhost log:set INFO smarthome.event

karaflog-to-warn.sh: (switch off most of logging messages)

#!/bin/bash
sshpass -p habopen ssh -tt -p 8101 -o StrictHostKeyChecking=no openhab@localhost log:set WARN org.eclipse.smarthome
sshpass -p habopen ssh -tt -p 8101 -o StrictHostKeyChecking=no openhab@localhost log:set WARN smarthome.event

make both scipts executable with:

chmod 775 karaflog-to-info.sh
chmod 775 karaflog-to-warn.sh

exec.things:

Thing exec:command:logsetinfo [command="/etc/openhab2/scripts/./karaflog-to-info.sh", interval=0, timeout=5,autorun=false] //Karaf Log:Set INFO
Thing exec:command:logsetwarn [command="/etc/openhab2/scripts/./karaflog-to-warn.sh", interval=0, timeout=5,autorun=false] //Karaf Log:Set WARN

exec.items:

Switch     LogsetINFO              "Logset to INFO"                                 <switch>  {channel="exec:command:logsetinfo:run"}
DateTime   LogsetINFOLastexecution "Ausgeführt:   [%1$tA, %1$td.%1$tm.%1$tY %1$tT]" <time>    {channel="exec:command:logsetinfo:lastexecution"}
Switch     LogsetWARN              "Logset to WARN"                                 <switch>  {channel="exec:command:logsetwarn:run"}
DateTime   LogsetWARNLastexecution "Ausgeführt:   [%1$tA, %1$td.%1$tm.%1$tY %1$tT]" <time>    {channel="exec:command:logsetwarn:lastexecution"}

sitemap:

Switch item=LogsetINFO label="Logset to INFO"
Default item=LogsetINFOLastexecution label="Ausgeführt:"
Switch item=LogsetWARN label="Logset to WARN"
Default item=LogsetWARNLastexecution label="Ausgeführt:"

Have fun!

That’s a nice idea.
A switch for switching logging modes
I love it!

Cool, thanks for the great tutorial. But the question to some security experts who are more proficient in this field: this way the password is visible in the script, anything bad about it as long as you know who is in your network?

Or even better, create ssh certs for the openhab user and add it to the karaf configs. The openhab user’s home is /var/lib/openhab2 so put them in /var/lib/openhan2/.ssh.

After generating the ssh keys, create an entry in $OH_USERDATA/etc/keys.properties:

openhab=<public key>,_g_:admingroup

Then it will log in without asking for a password at all.

Then there is no need for sshpass.

It’s generally a pretty bad idea to have passwords in plain text. That’s why I recommend the certificate approach. But in this case the risk is really low. By default, you can only access the karaf ssh from the local host so only someone who is already on your machine would be able to use the password anyway. If they are already on your machine, the fact that they can access your karaf console is the least of your problems.

How can I create ssh certs for user ‘openhab’? I only know how for example create ssh keys for user openhabian with ssh-keygen -b 4096

Any hint is more the welcome.

Personally, I’m lazy. I just copy the same certs I created for my main user to ~openhab/.ssh and adjust the ownership and permission as required. But you can run that command as the user openhab and that should work too.

sudo -u openhab ssh-keygen -b 4096

The certs are just two random very large prime numbers. There is nothing tying them to a specific user really.

Your lazy way is also working for me. Adding the created openhab-user-key in key.properties doesn’t work. Hm, strange.

Which user are calling ssh as and which user are you logging in as?

Let’s say you are logged in as user openhabian.

I only tried the first one, successfully. Second one asks for passwords. (sudo, which is OK and ssh)
Here my keys.properties:

openhab=AAAAB…,_g_,admingroup

BTW: How do you post the table? Markdown?

Yes, the forum supports much/most of markdown.

Col 1 | Col 2 | Col 3
-|-|-
R1C1 | R1C2 | R1C3
R2C1 | R2C2 | R2C3
R3C1 | R3C2 | R3C3

Produces