a POSIX shell script replacement for sudoedit using doas. Inspired by this Reddit comment.
I've already accidentally deleted a configuration file because of a hole in the script. That hole has obviously been fixed since then, along with the addition of several other safety measures, but do know that this script (and most other scripts like it) is doing something very different from how a file is normally edited in-place. It creates a temporary copy and then overwrites the original file at the end.
You'll want to configure doas
such that it doesn't ask for password at every
line of the script using doas
. You can accomplish this with either nopass
or persist
, e.g.:
# allow users in group 'admin' to use doas without asking for password
# (more dangerous)
permit nopass :admin
# allow users in group 'admin' to use doas with password, but not asking for
# some time after first successful authentication
permit persist :admin