I have the following systemd unit file set to automatically update all Arch Linux and AUR packages at the same time (using the yay
AUR helper, of course) while also attempting to temporarily add (and then delete after it’s done, for obvious reasons) a sudoers.d entry to briefly give nobody sudo access to pacman in order to get AUR packages updated:
[Unit]
Description=Automatic Update
After=network-online.target
[Service]
Type=simple
SyslogIdentifier=autoupdate
ExecStartPre=/bin/bash -c 'echo \'nobody ALL= NOPASSWD: /usr/bin/pacman\' > /etc/sudoers.d/autoupdate'
ExecStart=/bin/bash -c \”XDG_CACHE_HOME=/var/tmp PWD=/var/tmp sudo -E -u nobody yay -Syuq --noconfirm --devel --timeupdate\”
ExecStartPost=/usr/bin/rm -f /etc/sudoers.d/autoupdate
KillMode=process
KillSignal=SIGINT
[Install]
WantedBy=multi-user.target
The problem is that bash fails to acknowledge the existence of the closing single quote on the ExecStartPre line:
nobody: -c: line 1: unexpected EOF while looking for matching `’`
nobody: -c: line 2: syntax error: unexpected end of file
This is of course despite the fact that manually typing sudo bash -c ‘echo nobody ALL\=NOPASSWD: /usr/bin/pacman > /etc/sudoers.d/autoupdate’
into my shell succeeds without incident.
What could be causing this discrepancy?
CodePudding user response:
Turns out the overcomplication of the issue was rooted in the use of ExecStartPost=
instead of ExecStopPost=
. Once I changed the former to the latter, the original version of the unit file from long before this was posted (which was far simpler) worked perfectly.
CodePudding user response:
regardless of why you want to use sudo even though you are root..
and without thinking about your code..
Use a script instead
ExecStartPre=/path/to/your/script prestart
ExecStart=/path/to/your/script start
ExecStartPost=/path/to/your/script poststart
your script
#!/bin/bash
case $1 in
prestart) echo "nobody ALL= NOPASSWD: /usr/bin/pacman" > /etc/sudoers.d/autoupdate;;
start) XDG_CACHE_HOME=/var/tmp
PWD=/var/tmp
sudo -E -u nobody yay -Syuq --noconfirm --devel --timeupdate;;
poststart) rm -f /etc/sudoers.d/autoupdate;;
esac