I got a small question regarding scripting a post-install script for my own archiso install script. There are some commands I need to run after the system is installed and running with systemd. So I need to run a script that does those things inside the finished install after rebooting from the archiso live environment.
Right now the user has to provide a password for sudo to kick off these things, but I want it to happen without the user doing something.
My only answer to this problem is to edit the sudoers file inside arch-chroot to allow all users of the wheel group executing sudo without asking for a password. After my post-install script is done, the sudoers file will be edited to ask for password.
So I am running the following command inside the live environment:
arch-chroot /mnt sed -i ‘s/# %wheel ALL=(ALL:ALL) NOPASSWD: ALL/%wheel ALL=(ALL:ALL) NOPASSWD: ALL/g’ /etc/sudoers
And after restarting I am starting my post-install script and at the end there is this:
sudo sed -i ‘s/%wheel ALL=(ALL:ALL) NOPASSWD: ALL/# %wheel ALL=(ALL:ALL) NOPASSWD: ALL/g’ /etc/sudoers
sudo sed -i ‘s/# %wheel ALL=(ALL:ALL) ALL/%wheel ALL=(ALL:ALL) ALL/g’ /etc/sudoers
This works, but I feel this has some potential to fail and leave the system with a “no password sudo”. I would love to set these things with arch-chroot but it doesn’t work without systemd. I could just run the script and ask for the password, but I would like it to be automated.
Is there a better option to automate all of this?