Add sudo support for container/VM hypervisor commands

setup-remote.sh

@@ -198,6 +198,27 @@ if [ "$OS" != "openwrt" ]; then
     done
 fi
 
+# --- Sudoers for container/VM commands ---
+
+SUDOERS_FILE="/etc/sudoers.d/infmap"
+SUDO_CMDS=""
+
+# Detect which hypervisor tools are present
+for cmd in pct qm lxc virsh; do
+    cmd_path=$(command -v "$cmd" 2>/dev/null)
+    if [ -n "$cmd_path" ]; then
+        SUDO_CMDS="${SUDO_CMDS}${USERNAME} ALL=(root) NOPASSWD: ${cmd_path}\n"
+    fi
+done
+
+if [ -n "$SUDO_CMDS" ]; then
+    printf "%b" "$SUDO_CMDS" > "$SUDOERS_FILE"
+    chmod 440 "$SUDOERS_FILE"
+    echo "Sudoers rules added for container/VM commands"
+else
+    echo "No hypervisor tools found, skipping sudoers"
+fi
+
 # --- Summary ---
 
 echo ""
@@ -207,6 +228,9 @@ echo "  Home:     $HOMEDIR"
 echo "  Auth:     key-only (password disabled)"
 echo "  SSH key:  restricted to 'bash -s' (no shell, no forwarding)"
 echo "  Packages: lm-sensors, pciutils, iproute2"
+if [ -n "$SUDO_CMDS" ]; then
+echo "  Sudo:     container/VM commands (pct, qm, lxc, virsh)"
+fi
 echo ""
 echo "Add to your infrastructure.conf:"
-echo "  ${USERNAME}@$(hostname)"
+echo "  $(hostname)"