Right now, when I want to turn off my pi running webcontrol, I have to ssh into it and run sudo shutdown -h now. Could this be added to webcontrol somewhere (preferably with some sort of confirmation prompt) to avoid the need to ssh into the pi every time you are done cutting? You can corrupt the SD card if you just turn it off without safely shutting it down.
1 Like
you can add a buttun and a button service to shut it down. That is what I have on mine. It would be straight-forward to add a menu button that would do it from the web page in the action menu.
edit: added possible example picture (excuse the shaky mousing).
I’m doing the following as a workaround with a Raspberry pi as my controller and controlled by phone. So I end up having to press the juicessh icon, press the rpi connection (static IP, and it remembers login info), down arrow to select shutdown, yes to confirm. I’ve rebooted a number of times at the top of the ladder, a lot easier than typing in commands.
I haven’t figured out a way to shutdown the RPI without having to use sudo and then enter the password some how.
I’d be more than happy to put it in if someone can figure out a way.
You can make a specific command (or all of them) passwordless in the sudoers file, see this answer:
I just added it to my rpi and it works, but it does make a sudo call.
I put in a button on the action page:
Added in action.py:
from subprocess import call
… in action if stack
elif msg[“data”][“command”] == “TurnOffRPI”:
if not self.turnOff():
self.data.ui_queue1.put(“Alert”, “Alert”, “Error with system shutting down.”)
and a function in action.py
def turnOff(self):
if oname == “posix”: # the problem here is that mac, linux, and raspbian will all try to turn off unless filtered
print(os.system(“uname -a”))
# insert other possible OSes here
# … NEED ARE YOU SURE YOU WANT POWER DOWN?
call(“sudo shutdown -h now”, shell=True)
return(True) #this should never run
it works on my system. I have to go unplug it now and power it back on.
1 Like
Do you know if there’s anyway to detect if someone has made the change to the pi user and it has such privilege?
Probably using sudo -l ? From the man page:
-l, --list If no command is specified, list the allowed (and forbidden) commands for the invoking user (or the user specified by the -U option) on the current host. A longer list format is used if this option is specified multiple times and the security pol‐
icy supports a verbose output format.
If a command is specified and is permitted by the security policy, the fully-qualified path to the command is displayed along with any command line arguments. If a command is specified but not allowed by the policy, sudo will exit with a status
value of 1.
pi user is in sudoers group by default and can do it.
It would also probably be a good idea to use the --non-interactive flag:
-n, --non-interactive
Avoid prompting the user for input of any kind. If a password is required for the command to run, sudo will display an error message and exit.
1 Like
change it to
call(“sudo -n shutdown -h now”, shell=True)
does that work?
I didn’t put in the fact that the call line is in a try block with an except that will return false to the if statement up above if it fails.
Yeah, that looks right. Altough I’d probably use the long form (--non-interactive) in scripts, just so it’s clearer what this does when you come back in 6 months.
According to the documentation, it’ll just fail instead of asking for a password. If we were integrating this into the main WebControl code, I’d probably check the error message in that case and display a user-friendly error in the UI.
I’ll make a new user without rights and see if it fails correctly…
call(“sudo --non-interactive shutdown -h now”, shell=True)
If the user doesn’t have permissions, it needs either be disabled, hidden, or provide a message indicating why its not working after the user clicks it.
sudo --non-interactive shutdown -h now should fail instead of asking for a password. You can catch that failure to display the message you want.
I made a new user, cloned the repo, loaded the correct branch, but webcontrol refuses to run… likely a dependency issue. So I used a simple script to try it.
The response is:
sudo: a password is required
This seems to shut down the RPI without having to enter a password or anything.
subprocess.Popen([“sudo”, “–non-interactive”, “shutdown”, “-h”, “now”])
I looked at my RPI install and it seems that for raspbian that pi user doesn’t have to enter password for sudo commands. I’m running a version of stretch. can people check other raspbian versions?
the pi user on raspberry pi running raspian can run sudo without a password on jessie, stretch, and Buster, which are all distros I used.
why popen vs call?
There was a reason I needed to use it for the release manager (can’t recall what) and I just stick with things I’ve used before. Is there an advantage to using call or disadvantage to using popen?
I was hoping you knew the answer. Call came up from google and I used it in the button code on my system (part of the giant pull request) that does the same thing.