I thought this should be as straightforward as googling for a recipe. It turns out the instructions I found on the internet are just wrong and truly awful.
First, to configure auto-login on Debian running systemd the correct way, run
systemctl edit getty@tty1and enter the following:
[Service] ExecStart= ExecStart=-/sbin/agetty --autologin USERNAME %I $TERMReplace USERNAME with your actual username. Here are the ways that this page got it wrong: on Debian, there is no
/usr/bin/agetty; it is found under
/sbin/agetty. Also, the dangling
Iin the ExecStart line should have been
%Iwhich is the systemd expansion for the instance name. Baud rate should be omitted.
If something goes wrong, just switch to tty2 with Alt-F2 (or Fn-Optoin-F2 on a Mac) and fix the problem. If you have a touch bar, configure it to always show function keys. Otherwise, rebooting with the Debian installer CD into rescue mode always works.
Now, to convince sudo to let me run commands without a password, run
visudoand make sure we swap the user and group specifications with an end result like this:
# Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL # User privilege specification root ALL=(ALL:ALL) ALL myuser ALL=(ALL:ALL) NOPASSWD: ALLThe space between
ALLis optional, and it works either way. What is tricky is that the statements below overrides the ones above. This is counter-intuitive as an access control list, which typically matches top-down. By default, the group specification appears below the user specification, so the group overrides the user, but that makes no sense. It makes more sense for the individual user setting to override the group one.
I don't have a lot of high hopes for a man page that begins with a quick guide to EBNF.