Add sudoers configuration for homebridge user in Debian Trixie

[Copilot]

Debian Trixie changed sudo behavior: sudo group membership alone no longer grants passwordless access. Homebridge UI's restart/shutdown functionality fails with sudo: a password is required.

Changes

• Created stage3_homebridge/01-homebridge/files/010_homebridge-nopasswd

  • Grants NOPASSWD access to shutdown, reboot, poweroff commands
  • Restricts execution to root user via ALL=(root)
  • Includes both /sbin and /usr/sbin paths for cross-version compatibility

• Modified stage3_homebridge/01-homebridge/00-run.sh

  • Installs sudoers file to /etc/sudoers.d/ with mode 0440

• Created TRIXIE_SUDO_PATCH.md

  • Provides a simple curl-based one-liner for existing installations to apply the fix without re-flashing the image

# stage3_homebridge/01-homebridge/files/010_homebridge-nopasswd
homebridge ALL=(root) NOPASSWD: /sbin/shutdown, /sbin/reboot, /sbin/poweroff, /usr/sbin/shutdown, /usr/sbin/reboot, /usr/sbin/poweroff

For Existing Installations

Users who have already installed the image can apply this fix by running the curl-based one-liner from TRIXIE_SUDO_PATCH.md:

curl -fsSL https://raw.githubusercontent.com/homebridge/homebridge-raspbian-image/latest/stage3_homebridge/01-homebridge/files/010_homebridge-nopasswd | sudo tee /etc/sudoers.d/010_homebridge-nopasswd > /dev/null && sudo chmod 0440 /etc/sudoers.d/010_homebridge-nopasswd && sudo visudo -c

This downloads the sudoers file directly from GitHub, installs it with proper permissions, and validates the syntax.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>With the Trixie Release the ability to Restart or Shutdown is broken</issue_title>
<issue_description>### Describe The Bug

With the Trixie Release the ability to Restart or Shutdown is broken

Logs

[08/12/2025, 19:21:35] [Homebridge UI] Rebooting linux server with command sudo -n shutdown -r now.
[08/12/2025, 19:21:35] [Homebridge UI] Command failed: sudo -n shutdown -r now
sudo: a password is required

[08/12/2025, 19:21:42] [Homebridge UI] Shutting down linux server with command sudo -n shutdown -h now.
[08/12/2025, 19:21:43] [Homebridge UI] Command failed: sudo -n shutdown -h now
sudo: a password is required
```</issue_description>

## Comments on the Issue (you are @copilot in this section)

<comments>
</comments>

• Fixes With the Trixie Release the ability to Restart or Shutdown is broken #177

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[NorthernMan54]

@copilot - Can we create a simple one liner command for people who have already installed the image to patch there system ? ie wget ....sudo ...

[Copilot]

@copilot - Can we create a simple one liner command for people who have already installed the image to patch there system ? ie wget ....sudo ...

Created TRIXIE_SUDO_PATCH.md with a one-liner command (commit d6b889e). Users can run:

sudo bash -c 'cat > /etc/sudoers.d/010_homebridge-nopasswd << "EOF"
# Allow homebridge user to run shutdown/reboot commands without password
# Both /sbin and /usr/sbin paths are included for compatibility across Debian versions
homebridge ALL=(root) NOPASSWD: /sbin/shutdown, /sbin/reboot, /sbin/poweroff, /usr/sbin/shutdown, /usr/sbin/reboot, /usr/sbin/poweroff
EOF
chmod 0440 /etc/sudoers.d/010_homebridge-nopasswd && visudo -c'

This creates the sudoers file, sets correct permissions, and validates the syntax.

[NorthernMan54]

@copilot Can we make this easier ie something like this approach - curl -fsSL https://example.com/repo-key.asc | sudo gpg --dearmor -o /etc/apt/keyrings/repository-keyring.gpg

[Copilot]

@copilot Can we make this easier ie something like this approach - curl -fsSL https://example.com/repo-key.asc | sudo gpg --dearmor -o /etc/apt/keyrings/repository-keyring.gpg

...

Updated with a simpler curl-based approach (commit f6c54f8):

curl -fsSL https://raw.githubusercontent.com/homebridge/homebridge-raspbian-image/latest/stage3_homebridge/01-homebridge/files/010_homebridge-nopasswd | sudo tee /etc/sudoers.d/010_homebridge-nopasswd > /dev/null && sudo chmod 0440 /etc/sudoers.d/010_homebridge-nopasswd && sudo visudo -c

This downloads the sudoers file directly from GitHub and installs it with proper permissions.

[NorthernMan54]

@copilot what does this do sudo visudo -c

[Copilot]

@copilot what does this do sudo visudo -c

sudo visudo -c validates the syntax of all sudoers files. It checks for errors without making any changes. If there's a syntax error in the sudoers file we just created, it will report it and prevent potential system lockout issues.