[ERROR] sudo: unrecognized option '--preserve-env=EDITOR'

[d3-X-t3r]

I'm trying to run pikaur in Arch as a normal user, eg pikaur -S foo, which calls sudo internally. But this fails with doas-sudo-shim with the error:

sudo: unrecognized option '--preserve-env=EDITOR'
Usage:
  sudo (-i | -s) [-n] [-u <user>] [<command> [--] [<args>...]]
  sudo [-ins] [-u <user>] <command> [--] [<args>...]
  sudo [-h]

Execute a command as another user using doas(1).

This is not the original sudo, but the doas shim for sudo. It supports only
a subset of the sudo options (both short and long) that have an equivalent in
doas, plus option -i (--login). Refer to sudo(1) for more information.

Please report bugs at <https://github.com/jirutka/doas-sudo-shim/issues>.

Distro: Arch Linux
App: pikaur v1.20.r6.g1821e8d

[jirutka]

doas (OpenDoas) doesn’t have any equivalent for this option, so there’s nothing we can do about it.

[vladaviedov]

doas (OpenDoas) doesn’t have any equivalent for this option, so there’s nothing we can do about it.

What about using the env command? It's not pretty, but converting the call to doas env EDITOR=$EDITOR does get the job done.

[jirutka]

doas env EDITOR=$EDITOR does get the job done.

This also bypasses doas’ security mechanism for filtering environment variables. Even sudo’s --preserve-env is subordinate to the configured security rules.

I don’t see any way how to implement this securely in a simple shell script.