Added security and functionality.

- Introduced a sudo-nopasswd script that allows users to edit and update
  in one shot.
- Use random suffix on temp files to avoid collisions and hacks.

src/update-sudo-nopasswd

@@ -1,9 +1,15 @@
 #!/bin/bash
 set -e
-SHARE_DIR="/usr/share/sudo-nopasswd"
+[ "$EUID" -eq 0 ] || { sudo "$0" "$@"; exit $?; }
+SHARE_ROOTS=("$HOME/.local/share" "/usr/local/share" "/usr/share")
+for SHARE_ROOT in "${SHARE_ROOTS[@]}"; do
+	if [ -d "$SHARE_ROOT/sudo-nopasswd" ]; then
+		SHARE_DIR="$SHARE_ROOT/sudo-nopasswd"
+		break
+	fi
+done
 CONSTANTS="sudo_no_passwd_constants.sh"
 source "$SHARE_DIR/$CONSTANTS"
-[ "$EUID" -eq 0 ] || { sudo "$0" "$@"; exit $?; }
 cp "$SUDOERS_FILE" "$SUDOERS_BAK"
 
 if grep -q "^%sudo.*NOPASSWD" "$SUDOERS_FILE"; then
@@ -41,4 +47,4 @@ cat "$ETC_FILE" |
 diff -u "$BEFORE_COMMANDS" "$AFTER_COMMANDS" --color=always |
     grep $'^\x1b\\[[0-9;]*m[+-]' |
     grep -Ev $'^\x1b\\[[0-9;]*m([+][+][+]|[-][-][-])'
-rm "$BEFORE_COMMANDS" "$AFTER_COMMANDS"
+rm "$BEFORE_COMMANDS" "$AFTER_COMMANDS"