pothos/systemd-sudo.sh

## systemd-sudo.sh
#!/bin/bash
set -euo pipefail

MYNAME=$(basename "${0}")

opts=$(getopt --name "$MYNAME" --options 'hVsEnu:g:D:' \
       --longoptions 'help,version,shell,preserve-env,non-interactive,user:,group:,chdir:' -- "${@}")
eval set -- "${opts}"

U=0
G=0
SHELLARGS=()
NOINTERACTIVEARGS=()
ENVARGS=()
WDIR="$PWD"
while true; do
  case "$1" in
  -h|--help)
      echo "$MYNAME - execute a command as another user through systemd-run (no SUID binary involved except /usr/lib/polkit-1/polkit-agent-helper-1), recognizes set PATH in contrast to sudo"
      echo "usage: $MYNAME -h"
      echo "usage: $MYNAME [-En] [-D directory] [-g group] [-u user] [-s] [<command>]"
      echo
      echo "Options:"
      echo "-D, --chdir=directory         change the working directory before running command"
      echo "-E, --preserve-env            preserve user environment when running command (includes PATH in constrast to sudo)"
      echo "-g, --group=group             run command as the specified group name or ID"
      echo "-h, --help                    display help message and exit"
      echo "-n, --non-interactive         non-interactive mode, no prompts are used"
      echo "-s, --shell                   run shell as the target user; a command may also be specified"
      echo "-u, --user=user               run command (or edit file) as specified user name or ID"
      echo "-V, --version                 display version information and exit"
      echo "--                            stop processing command line arguments"
      echo "The following sudo options will not be supported: -A -B -C -e -h -i -K -k -l -p -r -S -t -U -v"
      echo "TODO: implement setting env vars by specifying VAR=VALUE"
      echo "TODO: implement --preserve-env=list"
      echo "TODO: implement -P -S -b -H -R -T"
      exit 1
    ;;
  -V|--version)
    echo "systemd-sudo version 0.1"
    exit 0
    ;;
  -s|--shell)
    # runs "$SHELL"
    SHELLARGS=("-S" "--pty")
    ;;
  -E|--preserve-env)
    ENVARGS=()
    # Extra "sh -c" is needed to only export the exported variables
    for VARNAME in $(sh -c 'compgen -v'); do
      set +u
      VAL="${!VARNAME}"
      set -u
      ENVARGS+=("--setenv" "${VARNAME}=${VAL}")
    done
    ;;
  -n|--non-interactive)
    NOINTERACTIVEARGS=("--no-ask-password")
    ;;
  -D|--chdir)
    WDIR="$1"
    shift
    ;;
  -u|--user)
    UNAME="$1"
    shift
    U=$(id -u "$UNAME")
    ;;
  -g|--group)
    GNAME="$1"
    G=$(id -g "$GNAME")
    shift
    ;;
  --)
    shift
    break;;
  esac
  shift
done

exec systemd-run --system --quiet --wait --collect --pipe --working-directory "$WDIR" --uid "$U" --gid "$G" "${SHELLARGS[@]}" "${NOINTERACTIVEARGS[@]}" "${ENVARGS[@]}" -- "$@"
	#!/bin/bash
	set -euo pipefail

	MYNAME=$(basename "${0}")

	opts=$(getopt --name "$MYNAME" --options 'hVsEnu:g:D:' \
	--longoptions 'help,version,shell,preserve-env,non-interactive,user:,group:,chdir:' -- "${@}")
	eval set -- "${opts}"

	U=0
	G=0
	SHELLARGS=()
	NOINTERACTIVEARGS=()
	ENVARGS=()
	WDIR="$PWD"
	while true; do
	case "$1" in
	-h\|--help)
	echo "$MYNAME - execute a command as another user through systemd-run (no SUID binary involved except /usr/lib/polkit-1/polkit-agent-helper-1), recognizes set PATH in contrast to sudo"
	echo "usage: $MYNAME -h"
	echo "usage: $MYNAME [-En] [-D directory] [-g group] [-u user] [-s] [<command>]"
	echo
	echo "Options:"
	echo "-D, --chdir=directory change the working directory before running command"
	echo "-E, --preserve-env preserve user environment when running command (includes PATH in constrast to sudo)"
	echo "-g, --group=group run command as the specified group name or ID"
	echo "-h, --help display help message and exit"
	echo "-n, --non-interactive non-interactive mode, no prompts are used"
	echo "-s, --shell run shell as the target user; a command may also be specified"
	echo "-u, --user=user run command (or edit file) as specified user name or ID"
	echo "-V, --version display version information and exit"
	echo "-- stop processing command line arguments"
	echo "The following sudo options will not be supported: -A -B -C -e -h -i -K -k -l -p -r -S -t -U -v"
	echo "TODO: implement setting env vars by specifying VAR=VALUE"
	echo "TODO: implement --preserve-env=list"
	echo "TODO: implement -P -S -b -H -R -T"
	exit 1
	;;
	-V\|--version)
	echo "systemd-sudo version 0.1"
	exit 0
	;;
	-s\|--shell)
	# runs "$SHELL"
	SHELLARGS=("-S" "--pty")
	;;
	-E\|--preserve-env)
	ENVARGS=()
	# Extra "sh -c" is needed to only export the exported variables
	for VARNAME in $(sh -c 'compgen -v'); do
	set +u
	VAL="${!VARNAME}"
	set -u
	ENVARGS+=("--setenv" "${VARNAME}=${VAL}")
	done
	;;
	-n\|--non-interactive)
	NOINTERACTIVEARGS=("--no-ask-password")
	;;
	-D\|--chdir)
	WDIR="$1"
	shift
	;;
	-u\|--user)
	UNAME="$1"
	shift
	U=$(id -u "$UNAME")
	;;
	-g\|--group)
	GNAME="$1"
	G=$(id -g "$GNAME")
	shift
	;;
	--)
	shift
	break;;
	esac
	shift
	done

	exec systemd-run --system --quiet --wait --collect --pipe --working-directory "$WDIR" --uid "$U" --gid "$G" "${SHELLARGS[@]}" "${NOINTERACTIVEARGS[@]}" "${ENVARGS[@]}" -- "$@"