[Solved] What are permission for shell scripts

Configuration
1

I set a script to start with HA, but try&fail I discovered that it need permission to execute for everyone. So I’m not happy to have it in such manner, I was supposing that the owner could run the scripts.
As much as the entire environment is set to hass, in /var/lib/hass, why the script doesn’t accept a mode of 0744 ?

2

The user running the script needs to have execute permission on the script. You haven’t said which user is running it - in fact I am unclear whether you are running this from home assistant as a command line integration, or via some other method.

For the user to run the script, either:

  1. the user has to own the script, and the script has to have the user execute permission set; or

  2. IThe user has to be in the group that owns the script, and the script has to have the group execute bit is set; or

  3. The script needs to have the other execute bit set.

3

Some time I fail on describe the problem with details, my apologies.
In automation.yaml >>

trigger:
  platform: homeassistant
  event: start
action:
  service: script.prep4out

in configuration.yaml
shell_command: !include_dir_named shellscripts

$ cat shellscripts/set_output.yaml 

/var/lib/hass/custom_scripts/set_output.sh

$ ls -l  /var/lib/hass/custom_scripts/set_output.sh
-rwxr-xr-x 1 hass hass 129 Aug  1 01:44 /var/lib/hass/custom_scripts/set_output.sh

# cat /etc/passwd | grep hass
hass:x:974:974:Home Assistant daemon user:/var/lib/hass:/sbin/nologin

Perhaps it doesn’t need the full path, but is not that bad.
The only file in that directory. The home-assistant is started&enabled by a systemd service

$ cat /usr/lib/systemd/system/home-assistant.service 
[Unit]
Description=Home assistant
After=network.target

[Service]
Restart=on-failure
User=hass
Group=hass

ExecStart=/usr/bin/hass --config /var/lib/hass/ --log-rotate-days 1
RestartForceExitStatus=100

[Install]
WantedBy=multi-user.target

At the first attempts, the user hass is able to run the script in 744 mode. But the result was 127 from the log. So I changed it.

My bad, I was based my assertion on a hold log. So I’m testing with the limited permissions…

<myuser ]>$ sudo ls -l /var/lib/hass/custom_scripts/set_output.sh
-rwxr--r-- 1 hass hass 129 Aug  1 01:44 /var/lib/hass/custom_scripts/set_output.sh