doasedit/doasedit

#!/bin/bash
if [ ! -z "${2}" ]; then
	echo "Expected only one argument"
	exit 1
elif [ -z "${1}" ]; then
	echo "No file path provided"
	exit 1
elif [ "$EUID" -eq 0 ]; then
	echo "Cannot be run as root"
	exit 1
fi

set -Eeuo pipefail

destfile_pfx="$(cat /dev/urandom | tr -cd 'a-f0-9' | head -c 32)" || true

while [ -d "/tmp/doasedit/$destfile_pfx" ]; do
	destfile_pfx="$(cat /dev/urandom | tr -cd 'a-f0-9' | head -c 32)"
done

tempdir="/tmp/doasedit/$destfile_pfx"

# we don't want any other users to be able to read what we're doing, so -m700
mkdir -m700 -p $tempdir
trap "rm -rf $tempdir" EXIT
srcfile="$(doas realpath $1)"

if doas [ -f "$srcfile" ]; then
	doas cp -a $srcfile $tempdir/file
	doas cp -a $tempdir/file $tempdir/edit

	# make sure that the file is editable by user
	doas chown $USER:$USER $tempdir/edit
	chmod 600 $tempdir/edit
else
	# create file with "regular" system permissions (root:root 644)
	touch $tempdir/file
	doas chown root:root $tempdir/file
fi

$EDITOR $tempdir/edit

cat $tempdir/edit | doas tee $tempdir/file 1>/dev/null

if doas cmp -s "$tempdir/file" "$srcfile"; then
	echo "Skipping write; no changes."
	exit 0
else
	doas mv -f $tempdir/file $srcfile
	exit 0
fi
add argument checking; fix case where user doesn't have read access to directory 2021-02-03 16:22:41 -05:00			`#!/bin/bash`
			`if [ ! -z "${2}" ]; then`
			`echo "Expected only one argument"`
			`exit 1`
			`elif [ -z "${1}" ]; then`
			`echo "No file path provided"`
			`exit 1`
don't run as root 2021-02-03 17:01:13 -05:00			`elif [ "$EUID" -eq 0 ]; then`
			`echo "Cannot be run as root"`
			`exit 1`
add argument checking; fix case where user doesn't have read access to directory 2021-02-03 16:22:41 -05:00			`fi`

use trap to properly cleanup temporary files 2021-02-03 17:23:53 -05:00			`set -Eeuo pipefail`
add script and update readme 2021-01-30 17:30:41 -05:00
add argument checking; fix case where user doesn't have read access to directory 2021-02-03 16:22:41 -05:00			`destfile_pfx="$(cat /dev/urandom \| tr -cd 'a-f0-9' \| head -c 32)" \|\| true`
add script and update readme 2021-01-30 17:30:41 -05:00
			`while [ -d "/tmp/doasedit/$destfile_pfx" ]; do`
			`destfile_pfx="$(cat /dev/urandom \| tr -cd 'a-f0-9' \| head -c 32)"`
			`done`

move paths to variables 2021-02-03 17:07:23 -05:00			`tempdir="/tmp/doasedit/$destfile_pfx"`

fix some edge cases (srcfile not owned by root or not r/w by root); make sure we don't leak info to other users 2021-09-28 13:39:26 -04:00			`# we don't want any other users to be able to read what we're doing, so -m700`
			`mkdir -m700 -p $tempdir`
use trap to properly cleanup temporary files 2021-02-03 17:23:53 -05:00			`trap "rm -rf $tempdir" EXIT`
add argument checking; fix case where user doesn't have read access to directory 2021-02-03 16:22:41 -05:00			`srcfile="$(doas realpath $1)"`
add script and update readme 2021-01-30 17:30:41 -05:00
add argument checking; fix case where user doesn't have read access to directory 2021-02-03 16:22:41 -05:00			`if doas [ -f "$srcfile" ]; then`
fix some edge cases (srcfile not owned by root or not r/w by root); make sure we don't leak info to other users 2021-09-28 13:39:26 -04:00			`doas cp -a $srcfile $tempdir/file`
			`doas cp -a $tempdir/file $tempdir/edit`

			`# make sure that the file is editable by user`
			`doas chown $USER:$USER $tempdir/edit`
			`chmod 600 $tempdir/edit`
fix non-existent file case 2021-01-31 14:38:31 -05:00			`else`
			`# create file with "regular" system permissions (root:root 644)`
move paths to variables 2021-02-03 17:07:23 -05:00			`touch $tempdir/file`
			`doas chown root:root $tempdir/file`
fix non-existent file case 2021-01-31 14:38:31 -05:00			`fi`
add script and update readme 2021-01-30 17:30:41 -05:00
move paths to variables 2021-02-03 17:07:23 -05:00			`$EDITOR $tempdir/edit`
add script and update readme 2021-01-30 17:30:41 -05:00
move paths to variables 2021-02-03 17:07:23 -05:00			`cat $tempdir/edit \| doas tee $tempdir/file 1>/dev/null`
add script and update readme 2021-01-30 17:30:41 -05:00
fix some edge cases (srcfile not owned by root or not r/w by root); make sure we don't leak info to other users 2021-09-28 13:39:26 -04:00			`if doas cmp -s "$tempdir/file" "$srcfile"; then`
add script and update readme 2021-01-30 17:30:41 -05:00			`echo "Skipping write; no changes."`
use trap to properly cleanup temporary files 2021-02-03 17:23:53 -05:00			`exit 0`
add script and update readme 2021-01-30 17:30:41 -05:00			`else`
move paths to variables 2021-02-03 17:07:23 -05:00			`doas mv -f $tempdir/file $srcfile`
use trap to properly cleanup temporary files 2021-02-03 17:23:53 -05:00			`exit 0`
add script and update readme 2021-01-30 17:30:41 -05:00			`fi`