Running Shell Commands

Tinkerer · January 13, 2017, 9:12pm

You’ll need to have it unmounted then, as hass mount it with mount /media/pi/MyBook first I suspect.

Also, with it not mounted, what’s the output from ls -ld /media/pi/MyBook

SmartValley · January 14, 2017, 12:25pm

This is the output when disk is not mounted

pi@Home-Assistant:~ $ ls -ld /media/pi/MyBook
drwxr-xr-x 2 hass root 4096 Jan 13 19:51 /media/pi/MyBook

I managed to solve the problem now. I just added hass to sudoers and it’s all working very nicely now

Thank you for all your help!!!

juan11perez · April 10, 2018, 12:49am

Good day, looking for some guidance. Im trying to get HA to run this bash. Have tried all the possibilities listed under the bash with no luck. Any guidance is much appreciated
https://hastebin.com/bikakexumo.bash

anon43302295 · April 10, 2018, 1:46am

Does it work from the command line inside the venv (or however you’re running HA?

What errors do you get, if any?

Are the entries in your sudoers file commented out, or is that a paste error?

You are not overriding the command ‘ln’ in your sudoers file.

You are not overriding the command ‘rm’ in your sudoers file.

You are not overriding the command ‘systemctl restart’ in your sudoers file.

You are overriding files, not commands in your sudoers file.

Your entire script seems to be to copy the pem files from one place to another and tehn create symbollic links elsewhere, why not just reference the correct locations in HA (and anywhere else) directly and save the bother?

juan11perez · April 10, 2018, 5:36am

@anon43302295 thank you for your response.
I can run it from the command line as my own user.
I’ve tried running it from HA dev UI, as I cant use the HA user because the installation comes password protected and I dont have the password.

The error Im getting is Error running command: shellinabox_certificate, return code: 1
5:15 PM /srv/homeassistant/lib/python3.6/site-packages/homeassistant/components/shell_command.py (ERROR)

I commented it out for now because it’s not working and didnt want to leave it “half-baked”

I want to try overrinding, “ln”, so i assumed it’s “link”, but have not been able to find the directory location for “rm” and “cat”. systemctl is overriden in another sudoers line.
Maybe you can point me on how to correctly override the relevant commands.

That’s correct. Basically I have shellinabox installed (webterminal). in order to see it within the HA UI i need to use SSL certificates because im on HTTPS. shellinabox uses 1 combined certificate including prem & key. So my bash creates a combined certificate in the Downloads folder and a simlink to the default shellinabox certificate.
I would like to fire an automation that runs this bash when the cerficates are updated after 90days.

Any suggestions around this way are welcome.

Not sure if there’s a way to keep the dummy (combined cert) file continuously linked to the base lets-encrypt certs?

anon43302295 · April 10, 2018, 11:28am

OK - first things first…

When you say “the installation comes password protected and I dont have the password.” what do you mean by this?

Generally speaking people run homeassistant on an unprivileged user that specifically doesn’t have a password for security, when we need to use privileged commands we use other methods, but I don’t want to go down that path unless that’s correct for your installation.

juan11perez · April 10, 2018, 12:31pm

thank you again. Im running ubuntu 17.10 on a NuC. I used this guide for the installation

when i su homeassistant it asks for a password. I can sudo su and the su homeassistant, but when i try to run a command requiring higher privileges it asks for a password.

I dont have the password. I presume it comes with he installation.

anon43302295 · April 10, 2018, 12:46pm

Okey-cokey.

Basically, when you want to run a sudo command as the homeassistant user it needs to be in the sudoers list, because there is no password.

We test whether the script works by running it as the homeassistant user and then the script runs the privileged commands (if authorised in sudoers).

So, the next step is to see what the output of the script is from the homeassistant user. So, from your main user account:

sudo su -s /bin/bash homeassistant 
cd /PATH/TO/SCRIPT/PARENT_FOLDER
./YOUR _SCRIPT.sh

juan11perez · April 10, 2018, 2:13pm

Thank you: got this:
hass@Home:~$ sudo su -s /bin/bash homeassistant
homeassistant@Home:/home/hass$ cd /usr/local/bin
homeassistant@Home:/usr/local/bin$ ./shellinabox_certificate.sh
[sudo] password for homeassistant:

when I hit ctrl c to exit, got this
./shellinabox_certificate.sh: line 4: /home/hass/Downloads/certificate-juan11perez.duckdns.org.pem: Permission denied

tschmidty · April 10, 2018, 3:02pm

Look earlier in this thread for how to set up sudo to allow specific commands to be run without a password

anon43302295 · April 10, 2018, 3:02pm

OK, I think that’s because your script is using sudo rm ... but you don’t have permission to use rm in your sudoers file. Add rm to your list of exceptions as you have with the others (full path - you’ll have to work that out, I can’t think off the top of my head), restart the computer and try again.

juan11perez · April 10, 2018, 8:24pm

@anon43302295 thank you for looking into this. You’re questions helped me rethink the end result I wanted and the solution was much simpler than what I was trying to do.
Once the combined file was in place, there was no need to unlink, delete, cat again, relink, etc.
All i really need is for the content to be updated with the new certificates content.
So I used sed to delete the existing content and then used cat with appending “>>” instead of creating to repopulate the file.
No sudo privileges required at all. Only changed file ownership