[mythtv-users] ACPI

[Stephen Worthington]

On Sat, 12 Sep 2020 16:38:11 -0400, you wrote:

>Still no joy. When I ran "sudo visudo" the comments said "consider creating
>a sudoers.d file" (or something similar) which I didn't because the wiki
>saed add this to the end of the file. Should I try the former?

visudo will only edit the /etc/sudoers file.  It is usually better
just to create a new file under /etc/sudoers.d, as the /etc/sudoers
file can be updated by package updates.  However, visudo does do basic
sanity checks on your edits, which does not happen if you create a new
/etc/sudoers.d file.  For a /etc/sudoers.d file to work, it needs to
be owned by root and you need to remove all write privileges.  It is
also important that any executable file or script you are listing in
the sudoers.d file is also not writeable at all (or only writeable by
root).  So when I created my /usr/local/bin/mythtv-systemctl-helper.sh
script, I did this:

sudo chown root:mythtv /usr/local/bin/mythtv-systemctl-helper.sh
sudo chmod u=rx,g=rx /usr/local/bin/mythtv-systemctl-helper.sh

Then I created a /etc/sudoers.d/mythtv-systemctl-helper file
containing this:

mythtv,%mythtv ALL=NOPASSWD:/usr/local/bin/mythtv-systemctl-helper.sh

which says that the mythtv user or any user in the mythtv group
(%mythtv) can run the mythtv-systemctl-helper.sh file with sudo
without needing a password.  I did this:

sudo chown root:root /etc/sudoers.d/mythtv-systemctl-helper
sudo chmod u=r,g=r /etc/sudoers.d/mythtv-systemctl-helper

to secure that file and make sudo accept it as valid.