You don't need `sudo` for the pi user ..

[skx]

As a result of fixing #2, you've switched to adding a command to /etc/rc.local. You've added:

su pi -c '/usr/bin/sudo /usr/bin/python3 /home/pi/raspberry-pi-turnkey/startup.py &'

The script rc.local will be launched as root, via the boot-up process:

• If you want to run commands as root you just do that!
• If you want to run commands as the user pi you can use su pi -c command-to-run

You seem to be trying to do both:

• You run su pi -c '....' to run the command as the user pi
• But then the command to run is sudo ....
  • Which will fail, since sudo will prompt for a password anyway ..

[schollz]

Thanks. The problem is I don't want to run as root completely - just some things (like starting up hostapd, rewriting wpa configuration) - and I still want to use the paths that are specified in the /home/pi/.profile (non-root).

To get the best of both worlds, I also switched the README so that pi is in the sudoers: "Add pi to the sudoers, so that you can run sudo commands without having to be root (so that all the paths to your programs are unchanged)."

[skx]

If you just want to source ~pi/.profile you could run su with the -l flag..?

[ptwz]

Maybe you could move the parts that require root access to a different script with proper input sanitation and make it setuid root. Then call this separate script and let it do the "dirty" root work. Classic UNIX programs started out as root, bound the ports and then used setuid() to drop the privileges once ready to work

[skx]

Closing due to inaction, and the fact that it's a suggestion / matter of taste.