Replacement for this service : hassio.addon_stdin

pergola.fabio · March 7, 2022, 4:20pm

Hi, this service is no more : hassio.addon_stdin

How can i do it as an easy workaround? i cant do it from a shellcommand, since the tool “docker” is not present in the HA container, it only works in the SSH container
I need the command below:
docker exec -it addon_some_addon bash -c 'python3 mycommand.py

It fires a script present in another add-on

service: hassio.addon_stdin
data:
  addon: a0d7b954_ssh
  input: "docker exec -it addon_some_addon bash -c 'python3 mycommand.py'"

petro · March 7, 2022, 5:20pm

I’m running next months dev build, still exists. Was it an announced deprecation?

pergola.fabio · March 7, 2022, 5:42pm

Hi, seems the service still exist, but not possible anymore for the ssh addon?

github.com

hassio-addons/repository/blob/9d08973517f1e7cb2808e79a8518cefad859a463/ssh/CHANGELOG.md

## What’s changed

👋  Hi there! Time for a big update, **v10.0.0**

⚠️ Please read this carefully, as this release comes with a bunch of breaking changes.

The add-on has upgraded to Alpine 3.15, which means all tools are now running the latest versions.

The `homeassistant_cli` has been removed. This (third-party) CLI has some upstream updates, which broke add-on compatibility.
It, therefore, has now been removed. One can still install it using the `command_init` option if wanted, however, is no longer part of the default distribution.

The Have I Been Pwned checks have been removed from the add-on, as this is a built-in feature of the Supervisor nowadays. This means the `i_like_to_be_pwned` option has been removed from the add-on configuration. If you have this option set, you will need to remove this from your add-on options.

Lastly, the `addon.stdin` service has been removed. And I want to explain a little about the reasoning behind it.

The `addon.stdin` service allowed to run commands on this add-on, which could be helpful. However, I got contacted about this service as it has the potential to be used as an attack surface in combination with social engineering. Quite a lot of social engineering, as this is not a one-click accept kinda attack. It requires a lot of steps.

For this matter, me (@frenck) and the reporting person didn't agree on the type of issue this imposes. A CVE has been requested at MITRE by the reporter, however, I do not recognize it and do not agree on the vulnerability. For that reason, this person and the CVE are also not listed in these release notes.

The service has not been removed because I think it is a vulnerability (as a matter of fact, I don't agree it is), but the service is removed as I think we should protect users, even against possible complex social engineering; if this helps, I think we should do that.

This file has been truncated. show original

petro · March 7, 2022, 5:46pm

it has the replacement service in that blurb.

pergola.fabio · March 7, 2022, 5:50pm

Yes, but not sure how I can do that

petro · March 7, 2022, 5:58pm

are you just trying to run a python file? If yes, do it through shell command

pergola.fabio · March 7, 2022, 6:03pm

huh? i’m overlooking it?

no, i need to run a python file thats inside an custom addon , so i cant do it from a shellcommand

actually this command:
"docker exec -it addon_some_addon bash -c 'python3 mycommand.py'"

but only works from ssh addon, not from a shellcommand, since there is no “docker” command in the homeassistant container

petro · March 7, 2022, 6:04pm

What does the python file do? Why is it only in the container?

pergola.fabio · March 7, 2022, 6:05pm

it opens a door , using an SDK , that runs a service, needs to be in another addon, since needs to be build on debian

pergola.fabio · March 7, 2022, 6:06pm

we are trying to make it better offcourse , but for now we need to run a seperate python file

petro · March 7, 2022, 6:07pm

I’m not sure if there will be a replacement then. If there is a way, I cannot help as it’s outside my abilities to help.

petro · March 7, 2022, 6:08pm

Personally, I’d try to make it run in a way where you can connect to it via a websocket through a custom integration.

pergola.fabio · March 7, 2022, 6:20pm

no problem, thnx as always!

davidusb · March 22, 2022, 11:50pm

Hi there, did you managed to find a solution? I’m kind of stuck with the same issue…

pergola.fabio · March 23, 2022, 5:55am

Yes, but using my own custom addon , not the ssh one

davidusb · March 23, 2022, 8:12am

And will it be possible for you to please share your solution?

pergola.fabio · March 23, 2022, 8:39am

its a custom written python code, not sure what you want todo ?

i just use

import sys

for line in sys.stdin:

do what you want …

davidusb · March 23, 2022, 10:15am

ok thank you, I get the idea

Fido · March 24, 2023, 3:25pm

Hello,
please can you help me. I used mentioned calling for copy files from folder /backup. If I try my script file in SSH terminal everything works perfectly. When I use sell_command in my Automation it can not see folder /backup, because script do everything in destination folder, but it can not find files in /backup. Do you have any idea how can I allow read this folder for automation or how to call SSH terminal from automation?

Thank you for your responses.