Only use doasedit(8) if we are root

2 files changed, 13 insertions, 2 deletions

diff --git a/vidoas b/vidoas
index bc01d63..96789ff 100755
--- a/vidoas
+++ b/vidoas
@@ -31,6 +31,8 @@ umask 022
 DOAS_CONF=@DOAS_CONF@
 doas_conf_mode="0600"
 
+[ $(id -u) -eq 0 ] && EDIT="${VISUAL:-${EDITOR:-vi}}" || EDIT=doasedit
+
 warn() { echo "$PROG: $@" >&2; }
 die()  { rv=$1; shift; warn "$@"; exit $rv; }
 
@@ -145,13 +147,13 @@ fi
 # editing errors made.  This is why we ignore the exit code from the
 # editor.
 
-doasedit "$tmp_doas" || true
+"$EDIT" "$tmp_doas" || true
 
 until doas -C "$tmp_doas"; do
 	warn "Press enter to edit doas.conf again to fix it,"
 	warn "or ($(get_intr)) to cancel."
 	read _
-	doasedit "$tmp_doas" || true
+	"$EDIT" "$tmp_doas" || true
 done
 
 # Use mv(1) to rename the temporary file to doas.conf as it is atomic.
diff --git a/vidoas.8 b/vidoas.8
index 56a0734..d5b0d30 100644
--- a/vidoas.8
+++ b/vidoas.8
@@ -33,6 +33,15 @@ utility opens an editor on a temporary copy of the
 .Xr doas 1
 configuration file and checks it for syntax errors before installing it as the
 actual configuration file.
+If edited the doas configuration file requires root permissions, it is opened
+using
+.Xr doasedit 8 ,
+otherwise the editor is either
+.Ev VISUAL ,
+.Ev EDITOR ,
+or
+.Xr vi 1
+in that order.
 .Pp
 The options are as follows:
 .Bl -tag -width Ds