Can I get help with my bash script? Beginner Bash Scripter

UndiePatrol · 2025-11-07 23:10:19

Hello, I am having fun bash scripting because I see the potential. I am still a beginner but, I can learn and am willing.
Here is my mock-up
==========================================================================================

#!/usr/bin/env bash

name="myname"
echo "Hello, $name. Please give us a second as we populate you arch-linux post install set-up

sudo pacman-key --init
sudo pacman-key --populate archlinux
sudo pacman -S wine dolphin-emu ppsspp gparted partitionmanager lutris obs-studio git discord firefox firewalld bluez bluez-utils vlc vlc-plugins-all steam seahorse flameshot lact virtualbox virtualbox-host-modules-arch yt-dlp libimobiledevice ifuse okular python-pip tk xdotool xorg-xwininfo gtksourceview3
sudo systemctl enable firewalld
sudo systemctl start firewalld
sudo systemctl enable bluetooth.service
sudo systemctl enable --now lactd

if command -v git &> ./git; then
[Tab Insert]echo "Application git is available."
[Tab Insert]git clone ....
[Tab Insert]cd ventoy-bin
[Tab Insert]makepkg -si
fi

echo "The exit code for this process is: $?"

=====================================================================================================
Problems w/ my own script:
- Constantly prompted y/n & sudo password (therefore it is not fully automated)
- The git clone/makepkg -si process still prompts me for y/n & sudo password
- In regards to git clone/makepkg -si process, how do I do mutiple of these.....automated.....one by one down the line

Personal Request To More Knowledgeable Members:
- Please teach me and explain to me what they do, I do make my own notes and I get a satisfaction from figuring things out. I am stumped now though and I don't want to rely on AI too much. I genuinely like using my brain.
- Explain why people and how people use bash and python together, what are the pros & cons
- Any new ideas to pass onto a beginner bash scripter? & as far a python I understand it somewhat but, I don't know how to make anything.

Future Personal Project:
- How to make my own script that will update the Arch-linux system every week or so

teckk · 2025-11-07 23:55:19

Don't put sudo into a bash script. Run the script as root if you need it.

if [ $(whoami) != 'root' ]; then
    echo "Must be root or sudo to run $0"
    exit
fi

Scimmia · 2025-11-07 23:59:07

teckk wrote:

Don't put sudo into a bash script. Run the script as root if you need it.

That doesn't work when running python-pip and makepkg.

dimich · 2025-11-08 00:34:42

UndiePatrol wrote:

- Constantly prompted y/n

Use pacman's --noconfirm option for non-interactive operations.

UndiePatrol wrote:

& sudo password (therefore it is not fully automated)

Create dedicated user with interactive login disabled. Configure sudo to run necessary pacman commands by this user without a password. Run your script as that user.

UndiePatrol wrote:

- The git clone/makepkg -si process still prompts me for y/n & sudo password

git shouldn't do that. What exactly does git prompt?
makepkg prompts for password in order to run pacman for -si.

UndiePatrol wrote:

- In regards to git clone/makepkg -si process, how do I do mutiple of these.....automated.....one by one down the line

packages=(
  foo
  bar
  baz
)

for pkg in "${packages[@]}"; do
  # Do something with "$pkg"
   ...
done

Consider to use

set -e

at the beginning of the script to stop execution if any command failed.

UndiePatrol wrote:

- How to make my own script that will update the Arch-linux system every week or so

This doesn't look like a good idea. Update may require manual intervention.

seth · 2025-11-08 09:25:42

tekk wrote:

Don't put sudo into a bash script. Run the script as root if you need it.

I'd say that very much depends on the UID requirements of the script: one should™ limit the UID0 processes as much as possible, there's no point in running an entire script as UID0 if only a single instruction actually needs those.
eg.: as Scimmia pointed out, makepkg won't allow you to run as UID0 at all.
Discussion is to be head as the whether hardcoding the lever is ok (for a local script: sure why not) and whether it makes sense to allocate (and bounce) credentials early on to allow a long running script to ask for credentials once early on and then use them much later.

I doubt the sudo prompts are /that/ constantly, the problem will be between

sudo systemctl enable --now lactd # last cred cache bump

if command -v git &> ./git; then
   echo "Application git is available."
   git clone ....
   cd ventoy-bin
   makepkg -si # makepkg is gonna ask you for the sudo password at the end

https://man.archlinux.org/man/sudo.8#v
https://man.archlinux.org/man/sudoers.5.en / look for timestamp_timeout

A possible approach would be to run "makepkg -s" in a forked subshell, frequently bump the cred cache while waiting for that to end and then sudo makepkg -i at the end, depending on the success of the building step.

Succulent of your garden · 2025-11-08 12:36:07

this:

dimich wrote:

Create dedicated user with interactive login disabled. Configure sudo to run necessary pacman commands by this user without a password. Run your script as that user.

and this:

seth wrote:

https://man.archlinux.org/man/sudoers.5.en / look for timestamp_timeout

needs to edit the same file, but I highly recommend you, in case you don't know yet, that for that use sudo visudo to edit it. Visudo let you know if you are making syntax mistakes in your file, so it shows you a warning. It helps you to not brick your system accounts. So make the changes with visudo please. Probably here all we know that but since you seems to be new to Linux I just think is okey to said that.

I'm going to talk about the script, among other questions you have in another post ^^

Last edited by Succulent of your garden (2025-11-08 12:36:39)

Succulent of your garden · 2025-11-08 13:10:07

This entire block of code it does required root privileges as you know:

UndiePatrol wrote:

sudo pacman-key --init
sudo pacman-key --populate archlinux
sudo pacman -S wine dolphin-emu ppsspp gparted partitionmanager lutris obs-studio git discord firefox firewalld bluez bluez-utils vlc vlc-plugins-all steam seahorse flameshot lact virtualbox virtualbox-host-modules-arch yt-dlp libimobiledevice ifuse okular python-pip tk xdotool xorg-xwininfo gtksourceview3
sudo systemctl enable firewalld
sudo systemctl start firewalld
sudo systemctl enable bluetooth.service
sudo systemctl enable --now lactd

One solution as some people say here is to just run your script as root, or add your user to the wheel group, and edit the sudoers file with visudo to let your user account run sudo commands without asking for password, you can specify which commands are allowed to run with NOPASSWD: in the sudoers file, so you just simply not let that your user can run any command without asking password, unless you really want to do that.

Also this line of your code is redundant

sudo systemctl start firewalld

if you make this first:

sudo systemctl enable firewalld --now

The same can be applied to bluetooth and lactd ^^

This part of the script:

if command -v git &> ./git; then
[Tab Insert]echo "Application git is available."
[Tab Insert]git clone ....
[Tab Insert]cd ventoy-bin
[Tab Insert]makepkg -si
fi

The main problem is with the makepkg -si. You can fix that using the same approach and using the --no-confirm flag that was said before. But I highly recommend that you check really well what are you going to install and if you trust the code on it, and also if you think is okey to have some commands in your user account that can be executed without asking password authentication, like makepkg, so this really can work if you are okey with the trade offs, and those are okey in the context that you are working in your machine.

As for me the first part of the script I would just run it as root user, since it seems a setup part that is only going to be used once, you are installing and configuring the system so probably it's okey to run that script with root or using sudo /.Your_script.sh the second it's going to depend what are you installing, if you are installing something that you created 100% by yourself then it's okey if you trust your code. If for example is a thing that uses external packages from npm then probably I would say be careful on that.

UndiePatrol wrote:

Please teach me and explain to me what they do, I do make my own notes and I get a satisfaction from figuring things out. I am stumped now though and I don't want to rely on AI too much. I genuinely like using my brain.

Nice, many around here appreciate that kind of mentality ^^ , so keep on that and nice attitude and we are going to help you

UndiePatrol wrote:

- Explain why people and how people use bash and python together, what are the pros & cons

That's going to depend of the context on what are your working, probably in some cases you really don't need python at all. The magic of python is that is just a glue language for really good c++ code. Most of the more used libraries in pytorch are made in c++, so python is just more like wrapper for that, so you can just write fast things in a very high level language approach. Maybe if you need to work with data files like .csv and need to do some processioning then you could use python for just doing that and then came back to your shell script which is bash in your case. I guess in the context that you are saying is more like using numpy, seaborn or matplotlib and pandas. Maybe you need to create some histograms and for that you could use seaborn for example. But it's really going to depend in the context of what are you doing.

For running python in bash you just need to run your python script file in your bash script, but probably it's going to create a sub process for that only for python, so keep that in mind. I think that the cons are that python is slow by default if you are not using gpu accelerated libraries, it runs by default in just one cpu thread. The pro is that maybe you can write things fast and easily to understand for everyone in long story short.

UndiePatrol wrote:

- Any new ideas to pass onto a beginner bash scripter? & as far a python I understand it somewhat but, I don't know how to make anything.

It's going to depend what are you going to do. Assuming you want to create GUI non webapp programs or if you want to create webapps. In practice you can using flask or django and other stuff. In practice you just need to read the documentation of libraries and frameworks that you are going to use. But if you are really newbie then focus on learning OOP first and what are APIs and maybe ABIs, then if you are interested in web development learn about it, learn how to do frontend, backends and all that stuff.

UndiePatrol wrote:

Future Personal Project:
- How to make my own script that will update the Arch-linux system every week or so

That's very simple. But try to do it yourself first. For that you should need to use anacron, not cron, anacron ^^, then just put the script path in your anacron config file

Last edited by Succulent of your garden (2025-11-08 13:15:08)

seth · 2025-11-08 13:14:36

The timestamp_timeout defaults to 5 minutes, that should be plenty and reasonable enough to keep it there (you don't want to set it to 7 days or stuff like that and if you need to carry the creds over long running jobs, you're looking for a dynamic solution - 10 minutes can be 9 minutes too long or one minute too little)

That being said: ALWAYS use visudo to edit sudoers - whether you're using vi or vim as sudo/editor or nano or … doesn't matter.

UndiePatrol · 2025-11-08 15:51:13

#!/usr/bin/env bash

name="Mr. name"
echo "Hello, $name. Please give us a second as we populate your arch-linux setup"
if [ $(whoami) != 'root' ]; then
echo "Must be root or sudo to run $0"
sudo pacman-key --init
sudo pacman-key --populate archlinux
yes | pacman -S wine dolphin-emu ppsspp gparted partitionmanager lutris obs-studio git discord firefox firewalld bluez bluez-utils vlc vlc-plugins-all steam seahorse flameshot lact virtualbox virtualbox-host-modules-arch yt-dlp libimobiledevice ifuse okular python-pip tk xdotool xorg-xwininfo gtksourceview3
sudo systemctl enable firewalld --now
sudo systemctl enable bluetooth.service -now
sudo systemctl enable lactd --now

if command -v git &> /usr/bin/git; then
echo "Application git is available."
fi
fi

echo "The exit code for this process is: $?"

=======================================================================
Output:

Hello, Mr. name. Please give us a second as we populate your arch-linux setup
Must be root or sudo to run /usr/local/bin/script.sh
==> Appending keys from archlinux.gpg...
==> Updating trust database...
gpg: next trustdb check due at 2025-12-31
error: you cannot perform this operation unless you are root.
/usr/local/bin/script.sh: line 14: /usr/bin/git: Permission denied
The exit code for this process is: 0

===================================================================
My Personal Notes:

Bash Scripting Notes
=====================
- 1st line is called the shebang, it determines the interpreter. A great shebang to almost always use is.....#!/usr/bin/env bash..... The reason we use this shebang is because it is 'portable' across multiple systems.
- nano 'scriptname'.sh..... This will create the script template
> We need to give it permission to be executable
>> sudo chmod +x 'scriptname'.sh
> To execute the script, its usually /home/'nameofUSR'/'scriptname'.sh
- pacman's --noconfirm option bypasses all confirmation prompts, making it great for automation
> it defualts to "no" to force a "yes", you can pipe the yes command into pacman like: yes | pacman -Syu
.
Bash Scripting Advice From Others
=================================
- AVOID using sudo, its a security risk.
- Create a dedicated user to run scripts with no password and disabled interactive login.
> useradd -m -s /user/bin/nologin username
>> -m creates the user's home directory
>> -s login shell for the new account
>>> To make certain the user doesn't have a password, you can remove it by passwd -d username *only works as root user*
- They will also need sudo prefix to avoid usage of the command as a security protocol.
> sudo usermod -aG wheel username
> sudo EDITOR=nano visudo
> Scroll all the way down, look for # %wheel ALL=(ALL) ALL. Uncomment the one without password option by deleting the #

Bash Script Testing-it-out Components
===============================
1. Run your scripts as a dedicated usr while avoiding the usage of sudo
runuser -l username -c '/home/q/script.sh
> -l logins in as username
> -c passes a single command to shell

=====================================================================
Questions & statements I for the community...

- if [ $(whoami) != 'root' ]; then
echo "Must be root or sudo to run $0" <----- this is awesome it worked credit: teckk

- I removed more redundancy as mentioned <----- great!

- I tried creating a user with passwordless and no interactive login with sudo (i did use visudo i promise, but im new so it is a little overwhelming) and it made the process kind of complicated to clarify, I went into a rabbit hole of trying to get it to work. Above us are the notes I took. In the end, it didn't work because for the systemctl & pacman-key it required root, so on arch-linux kde it kept prompting an authentication required with the option of switching from the root to the created user and it repeated that 5x.

- How do I use pacman's --noconfirm in the context of this script? Can I just get 1 example or hint, and I swear I'll put in the work.

- I learned so much that I have a headache, but you guys are awesome and I appreciate you

- Also how are you guys quoting each other like that, ??

==================================================================
Community Mentioned Advice I Haven't Tried Yet Or Dont Understand

- Dimich suggested:

packages=(
foo
bar
baz
)

for pkg in "${packages[@]}"; do
# Do something with "$pkg"
...
done

Consider to use

set -e

UndiePatrol: I haven't tried this yet, I also don't understand but its because I haven't tried yet.

- Succulent of your garden suggested:

That's very simple. But try to do it yourself first. For that you should need to use anacron, not cron, anacron ^^, then just put the script path in your anacron config file

UndiePatrol: I don't know this yet, I will look it up

- Seth suggested:

A possible approach would be to run "makepkg -s" in a forked subshell, frequently bump the cred cache while waiting for that to end and then sudo makepkg -i at the end, depending on the success of the building step.

UndiePatrol: I understand what you're saying, I don't know how to do it (yet) the arch-linux skill ceiling is friggin steep omg.

Extra thanks to Succulent of your garden my brain actually hurts theres so much to learn and im grateful & appreciative. You mentioned: C++, python, Django, Flask, I was looking into those. I want to make a nonprofit mmo like Ragnarok online and just make it "word of mouth" and make one heavenly happiness in this world (just a silly dream, but i wonder if i throw spare time at it maybe something will be produced). It's just a lot of self learning for me, and even though its difficult I'm enjoying it.

Last edited by UndiePatrol (2025-11-08 16:01:41)

seth · 2025-11-08 20:09:40

Please use [code][/code] tags. Edit your post in this regard.

"yes | pacman -S " isn't going to work, you'll probably have to update the database, thus the system and also this requires root permissions.

Succulent of your garden · 2025-11-08 21:55:56

UndiePatrol wrote:

- AVOID using sudo, its a security risk.

It's only a security risk if you are using it to run scripts/programs that you don't know what are doing 100%. It's totally fine to do some stuffs with sudo if they really need it and you know what are they doing. It's common sense in some way, but yep, if you can avoid using privilege escalation then do it. That doesn't mean that running sudo without password is that, it's not. Sudo is for asking the privilege escalation, some times you need it.

UndiePatrol wrote:

Extra thanks to Succulent of your garden my brain actually hurts theres so much to learn and im grateful & appreciative. You mentioned: C++, python, Django, Flask, I was looking into those. I want to make a nonprofit mmo like Ragnarok online and just make it "word of mouth" and make one heavenly happiness in this world (just a silly dream, but i wonder if i throw spare time at it maybe something will be produced). It's just a lot of self learning for me, and even though its difficult I'm enjoying it.

^^ doing a quick search it seems that cocos2d is still a thing for making games in python, but not sure if the python version it does provide cross compatibility support for different operative systems. If you are into the open source things maybe godot is what are you looking for. But be in mind that using those kind of tools usually need a licence when you publish games and sometimes a fee. So try first to see what engine would be better for your money needs. All engines have their pros and cons, so maybe if you are going full 3d game then unreal is better than godot [but maybe you are going to pay more for licensing and fee for the games], but if you wanna make some kind of 2d game then maybe unreal is an overkill and you can do it in godot, it really depends also in your ambitions, some kind of physics stuff in the engines exists and in other don't or it's not that good, so make your research. The only way to not pay any single penny to anybody is to make the engine by yourself, which could be nice and a hard task to do, but in that case you will avoid the paying fees for using third party engines , some folks do that, big brain C or C++ by the way. I'm not a game developer by the way

UndiePatrol wrote:

- Also how are you guys quoting each other like that, ??

Read this ^^ https://bbs.archlinux.org/help.php#url

Last edited by Succulent of your garden (2025-11-08 21:57:25)

Arch Linux

#1 2025-11-07 23:10:19

Can I get help with my bash script? Beginner Bash Scripter

#2 2025-11-07 23:55:19

Re: Can I get help with my bash script? Beginner Bash Scripter

#3 2025-11-07 23:59:07

Re: Can I get help with my bash script? Beginner Bash Scripter

#4 2025-11-08 00:34:42

Re: Can I get help with my bash script? Beginner Bash Scripter

#5 2025-11-08 09:25:42

Re: Can I get help with my bash script? Beginner Bash Scripter

#6 2025-11-08 12:36:07

Re: Can I get help with my bash script? Beginner Bash Scripter

#7 2025-11-08 13:10:07

Re: Can I get help with my bash script? Beginner Bash Scripter

#8 2025-11-08 13:14:36

Re: Can I get help with my bash script? Beginner Bash Scripter

#9 2025-11-08 15:51:13

Re: Can I get help with my bash script? Beginner Bash Scripter

#10 2025-11-08 20:09:40

Re: Can I get help with my bash script? Beginner Bash Scripter

#11 2025-11-08 21:55:56

Re: Can I get help with my bash script? Beginner Bash Scripter

Board footer