Run a bash script with remote SSH Topic is solved

[Number8]

Hello,
I'd like to run a bash script with a remote SSH session.
Logged as a standard user on computer from which I want to initiate the ssh session the following command works

Code: Select all

ssh [email protected] sh ~/backupInflux.sh

Now I'm trying to get this working within dzVents context (dzVents 3.0.14 not 3.1 yet). So I'm using the generic os.execute command.

Code: Select all

local cmd = 'ssh [email protected] sh ~/backupInflux.sh&'
os.execute(cmd)

os.excute runs (no error in Domoticz log file) but it does not work.
I know the trick is related to the parameters that are passed to the ssh command. How should I proceed?
Thank you

[waaren]

os.excute runs (no error in Domoticz log file) but it does not work.
I know the trick is related to the parameters that are passed to the ssh command. How should I proceed?

Before dzVents 3.1.0
I used below function for shell access because it does return more information.

the ssh command should look something like

Code: Select all

 ssh user@remote ' command  '

Code: Select all

        local function osCommand(cmd)
            dz.log('Executing Command: ' .. cmd,dz.LOG_DEBUG)
            
            local fileHandle = assert(io.popen(cmd, 'r'))
            local commandOutput = assert(fileHandle:read('*a'))
            local returnTable = {fileHandle:close()}
            
            dz.log("ReturnCode: " .. returnTable[3] .. "\ncommandOutput:\n" .. commandOutput, dz.LOG_DEBUG)
            
            if returnTable[3] ~= 0 then
                dz.log("ReturnCode: " .. returnTable[3] .. "\ncommandOutput:\n" .. commandOutput, dz.LOG_ERROR)
            end
            
            return commandOutput,returnTable[3] -- rc[3] contains returnCode
        end

[Number8]

Thanks waaren. Based on your code here is the current code and the log

Code: Select all

local cmd = "ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 [email protected] 'sh home/pi/backupInfluxA.sh'"
	os.execute(cmd)

Log reports

Code: Select all

2021-01-14 19:59:08.090 Status: dzVents: Debug: test script: Executing Command: ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 [email protected] 'sh home/pi/backupInfluxA.sh'
2021-01-14 19:59:08.234 Status: dzVents: Debug: test script: ReturnCode: 255
2021-01-14 19:59:08.234 commandOutput:
2021-01-14 19:59:08.234
2021-01-14 19:59:08.235 Status: dzVents: Info: test script: ------ Finished 9forTest.lua
2021-01-14 19:59:08.234 Error: dzVents: Error: (3.0.14) test script: ReturnCode: 255
2021-01-14 19:59:08.234 commandOutput:
2021-01-14 19:59:08.234

[waaren]

'sh home/pi/backupInfluxA.sh'

Should it not be 'sh /home/pi/backupInfluxA.sh' ?

[Number8]

'sh home/pi/backupInfluxA.sh'

Should it not be 'sh /home/pi/backupInfluxA.sh' ?

Indeed, you're right thank you. I corrected it, same errors

[waaren]

same errors

Can you try it without the sh, so that it will use the default shell
Things to try

Code: Select all

'/home/pi/backupInffluxA.sh'
'sh -c /home/pi/backupInffluxA.sh'
'sh -cl /home/pi/backupInffluxA.sh'
'sh -clv /home/pi/backupInffluxA.sh'

[Number8]

Thanks for that. I tried the 4 options, same 255 error code returned. What this code is supposed to mean?
So the calling code is currently

Code: Select all

local cmd = "ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 [email protected] ~/backupInfluxA.sh"

or

Code: Select all

local cmd = "ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 [email protected] '~/backupInfluxA.sh'"

and then calling the function. I checked that ~/ points to the right directory

[waaren]

Thanks for that. I tried the 4 options, same 255 error code returned. What this code is supposed to mean?

code 255 is the same as code 1. Not very useful without errormessage. Did you already tried to do it with sudo and with the full qualified filename?

[Number8]

Thanks for that. I tried the 4 options, same 255 error code returned. What this code is supposed to mean?

code 255 is the same as code 1. Not very useful without errormessage. Did you already tried to do it with sudo and with the full qualified filename?

Yes I did, and I doubled checked just now.
Just to see what is the result I replaced the command by "ls". Same error reported

[waaren]

Just to see what is the result I replaced the command by "ls". Same error reported

Below script works for me since 2019

Not sure if it is of any help to you but it proves it is possible

Code: Select all

local scriptVersion = '0.201909201700'
local scriptVar  =  'TMEP_' .. scriptVersion

--[[ 

This dzVents script is used to send temperature and humidity data to a TMEP database 
see  https://github.com/MultiTricker/TMEP for details on how to use and setup.

The script use os.popen to trigger a mySQL insert statement 
It also tested and works for a remote system if the system with the TMEP database 
can be accessed by the user that is running the domoticz service, via password-less 
SSH (with public / private key setup)

Be aware that even if domoticz runs as root it will not behave the same 
as from the command line because it can use a different OS environment.
That can imply that if you can access the database from the command line without password
you still need to use that when access from the domoticz program.

Before activating the script:
    Read the GETTING STARTED section of the dzVents wiki. 
    Change the values in the script to reflect your setup
    Change the names / ID s of your humidity and temperature devices
    
]]--

return
{
    on = 
    { 
         timer = { 'every 15 minutes' },  -- Set to required frequency
    },

    logging =   
    {
        level = domoticz.LOG_ERROR, -- set to LOG_ERROR when tested and OK
        marker = scriptVar,
    },
    
   execute = function(dz)
        
        local db = { 
                        name = 'TMEP',             -- database name
                        user = 'waaren',           -- change to your database username
                        userPassword = 'obscured',   -- set userPassword = false (without quotes) when you can access the database without
                        remoteHost = 'dz',        -- set remoteHost = 'remote hostname' when database is remote 
                        sudoRequired = false,      -- set true or false
                        temperatureDevice = 2289, -- change to your temperature sensor "name" or idx
                        humidityDevice = 2289,      -- change to your humidity sensor "name" or idx
        
                        table = 'tme',           -- these table- and fieldnames probably do not need to change 
                        dateTime = 'kdy',
                        temperature = 'teplota',
                        humidity = 'vlhkost',
                    }
        -- =======================================================================
        --               NO changes required below this line
        -- =======================================================================
        local temperature = dz.utils.round(dz.devices(db.temperatureDevice).temperature,1) 
        local humidity = dz.utils.round(dz.devices(db.humidityDevice).humidity,1)    
        local function osCommand(cmd)
            dz.log('Executing Command: ' .. cmd,dz.LOG_DEBUG)
            
            local fileHandle = assert(io.popen(cmd, 'r'))
            local commandOutput = assert(fileHandle:read('*a'))
            local returnTable = {fileHandle:close()}
            
            dz.log("ReturnCode: " .. returnTable[3] .. "\ncommandOutput:\n" .. commandOutput, dz.LOG_DEBUG)
            
            if returnTable[3] ~= 0 then
                dz.log("ReturnCode: " .. returnTable[3] .. "\ncommandOutput:\n" .. commandOutput, dz.LOG_ERROR)
            end
            
            return commandOutput,returnTable[3] -- rc[3] contains returnCode
        end

        local function buildCommand(temperature, humidity)
            local sshBOL =  ( db.remoteHost and "ssh "  .. db.remoteHost .. " \'" ) or '' 
            local sshEOL =  ( db.remoteHost and ";\'" ) or ';' 
            local password = ( db.userPassword and " -p" .. db.userPassword .. " "  ) or ''
            local sudo = (db.sudoRequired and "sudo " ) or '' 
            
            local cmd = sshBOL .. 
                        sudo .. " echo \" INSERT INTO " .. 
                        db.table .. "(" .. 
                        db.dateTime .. ", " .. 
                        db.temperature .. ", " .. 
                        db.humidity .. ")" .. "VALUES (NOW(), " .. 
                        temperature .. ", " .. 
                        humidity .. ") \" | mysql -v -u " ..
                        db.user .. 
                        password .. " " .. 
                        db.name .. 
                        sshEOL
            return cmd 
        end
        
        osCommand(buildCommand(temperature , humidity))
    end
}

[Number8]

Thanks a lot, I will try to mimic your code and report back

[Number8]

I implemented your script, without sending the command to have a look at the build-up of the ssh command line. It gives (I set dz to some IP address to have something meaningfull:

Code: Select all

ssh 192.168.21.110 ' echo " INSERT INTO tme(kdy, teplota, vlhkost)VALUES (NOW(), 25, 90) " | mysql -v -u waaren -pobscured TMEP;'

I noticed there is no user attached to the IP address. How could it be (I guess you have setup a public/private key set up as well)?

[waaren]

I noticed there is no user attached to the IP address. How could it be (I guess you have setup a public/private key set up as well)?

Yes, as it's described in the comments at the beginning of the script

[Number8]

I noticed there is no user attached to the IP address. How could it be (I guess you have setup a public/private key set up as well)?

Yes, as it's described in the comments at the beginning of the script

oh yes sorry for that. The only difference I see so far, in your case the remote machine grants the connection since the account the cllent uses exists on the remote, hence there is no need to declare it in the connection string. In my case I have to make it explicit.
I have a Domoticz test gear, I will carry some tests from this one to the same remote (it will be same OS, that is Raspian Buster) to see how it goes. As far as Domoticz is concerned, it is beta updated, I'll test ir with the new method as well. I'll keep you posted.

[Number8]

I have a freshly compiled Domoticz running in a VM. Test has been carried you with the newly cooked function domoticz.executeShellCommand(). Now we know why is does not work: Key verification failed

Code: Select all

local cmd = 'ssh [email protected] "sh ~/backupInfluxA.sh"'
dz.executeShellCommand({
     command = cmd,
     callback = 'shell',
     timeout = 5,   })

{["dump"]=function, ["isHTTPResponse"]=false, ["timeoutOccurred"]=false, ["data"]="", ["callback"]="shell", ["isHardware"]=false, ["isGroup"]=false, ["isCustomEvent"]=false, ["baseType"]="shellcommandResponse", ["isSystem"]=false, ["isDevice"]=false, ["errorText"]="Host key verification failed. ", ["hasLines"]=false, ["isVariable"]=false, ["statusCode"]=0, ["isScene"]=false, ["isTimer"]=false, ["isXML"]=false, ["ok"]=true, ["isShellCommandResponse"]=true, ["shellCommandResponse"]="shell", ["isJSON"]=false, ["isSecurity"]=false, ["trigger"]="shell"}

As a matter of fact the private/public key is set-up for pi account. What could cause the error then? Bash script owner is pi. An it still works when using ssh in console mode

[waaren]

As a matter of fact the private/public key is set-up for pi account. What could cause the error then? Bash script owner is pi. An it still works when using ssh in console mode

If your domoticz is not executed as user pi the process cannot find the key. You will have to do something with the su command I guess.

[erem]

to set this up correctly

1- on the source machine
- sudo su
- whoami (should return root)
- ssh pi@target machine

answer the questions
The authenticity of host 'target)' can't be established.
ECDSA key fingerprint is SHA256:dKNyChgyMqAaenlhW/Cvq2M0+BOojZvi3koKbQlqUOw.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'target' (ECDSA) to the list of known hosts.
pi@target password:

once connection has been made once, subsequent connections should not ask for pw.

[Number8]

@erem: this is it! Thank you very much. The mistake I made was related to the fact that I did not generate the public/private key pair from su account. Thanks a lot to waaren as well that has been very helpfull to tackle the issue. I made the test with both methods os.execute() and domoticz.executeShellCommand() that are working as expected now.