From 3290c272108a4115a411afeed91fa77cbd77141a Mon Sep 17 00:00:00 2001
From: Reyk Floeter <contact@reykfloeter.com>
Date: Wed, 15 Aug 2018 13:48:51 +0200
Subject: [PATCH] If root, don't overwrite doas.conf

---
 agent/main.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/agent/main.c b/agent/main.c
index 51b2736..4ec29df 100644
--- a/agent/main.c
+++ b/agent/main.c
@@ -667,8 +667,6 @@ agent_configure(struct system_config *sc)
 
 	/* password */
 	if (sc->sc_password == NULL) {
-		str1 = "/PasswordAuthentication/"
-		    "s/.*/PasswordAuthentication no/";
 		if (asprintf(&str2, "permit keepenv nopass %s as root\n"
 		    "permit keepenv nopass root\n", sc->sc_username) == -1)
 			str2 = NULL;
@@ -677,15 +675,14 @@ agent_configure(struct system_config *sc)
 		    sc->sc_username, NULL) != 0)
 			log_warnx("password failed");
 
-		str1 = "/PasswordAuthentication/"
-		    "s/.*/PasswordAuthentication yes/";
 		if (asprintf(&str2, "permit keepenv persist %s as root\n"
 		    "permit keepenv nopass root\n", sc->sc_username) == -1)
 			str2 = NULL;
 	}
 
 	/* doas */
-	if (str2 == NULL || fileout(str2, "w", "/etc/doas.conf") != 0)
+	if ((strcmp("root", sc->sc_username) != 0) &&
+	    (str2 == NULL || fileout(str2, "w", "/etc/doas.conf")) != 0)
 		log_warnx("doas failed");
 	free(str2);