Add Tramp sudoedit method

* doc/misc/tramp.texi (Quick Start Guide): New section "Using sudoedit".
(External methods) <sudoedit>: Describe.

* lisp/net/tramp-adb.el (tramp-adb-file-name-handler-alist):
* lisp/net/tramp-gvfs.el (tramp-gvfs-file-name-handler-alist):
* lisp/net/tramp-rclone.el (tramp-rclone-file-name-handler-alist):
* lisp/net/tramp-sh.el (tramp-sh-file-name-handler-alist)
* lisp/net/tramp-smb.el (tramp-smb-file-name-handler-alist):
Add handler.

* lisp/net/tramp-sh.el (tramp-sh-handle-set-file-uid-gid): Rename from
`tramp-sh-handle-set-file-uid-gid'.  Handle only remote file names.

* lisp/net/tramp-sudoedit.el: New file.

* lisp/net/tramp.el (tramp-file-name-for-operation): Handle also
`tramp-set-file-uid-gid'.
(tramp-set-file-uid-gid): New defun.
(tramp-get-local-uid, tramp-get-local-gid): Cache result.

* test/lisp/net/tramp-tests.el (tramp--test-sudoedit-p): New defun.
(tramp-test20-file-modes, tramp-test22-file-times)
(tramp--test-sudoedit-p): Use it.

1 files changed, 37 insertions, 0 deletions

diff --git a/doc/misc/tramp.texi b/doc/misc/tramp.texi
index a4946f0b8de..c9f1e75d8e6 100644
--- a/doc/misc/tramp.texi
+++ b/doc/misc/tramp.texi
@@ -468,6 +468,19 @@ The method @option{sg} stands for ``switch group''; the changed group
 must be used here as user name.  The default host name is the same.
 
 
+@anchor{Quick Start Guide: @option{sudoedit} method}
+@section Using @command{sudoedit}
+@cindex method @option{sudoedit}
+@cindex @option{sudoedit} method
+
+The @option{sudoedit} method is similar to the @option{sudo} method.
+However, it is a different implementation: it does not keep an open
+session running in the background.  This is for security reasons; on
+the backside this method is less performant than the @option{sudo}
+method, it is restricted to the @samp{localhost} only, and it does not
+support external processes.
+
+
 @anchor{Quick Start Guide: @option{smb} method}
 @section Using @command{smbclient}
 @cindex method @option{smb}
@@ -919,6 +932,30 @@ NAS hosts.  These dumb devices have severely restricted local shells,
 such as the @command{busybox} and do not host any other encode or
 decode programs.
 
+@item @option{sudoedit}
+@cindex method @option{sudoedit}
+@cindex @option{sudoedit} method
+
+The @option{sudoedit} method allows to edit a file as a different user
+on the local host.  You could regard this as @value{tramp}'s
+implementation of the @command{sudoedit}.  Contrary to the
+@option{sudo} method, all magic file name functions are implemented by
+single @command{sudo @dots{}}  commands.  The purpose is to make
+editing such a file as secure as possible; there must be no session
+running in the Emacs background which could be attacked from inside
+Emacs.
+
+Consequently, external processes are not implemented.
+
+The host name of such remote file names must represent the local host.
+Since the default value is already proper, it is recommended not to
+use any host name in the remote file name, like
+@file{@trampfn{sudoedit,,/path/to/file}} or
+@file{@trampfn{sudoedit,user@@,/path/to/file}}.
+
+Like the @option{sudo} method, a @option{sudoedit} password expires
+after a predefined timeout.
+
 @item @option{ftp}
 @cindex method @option{ftp}
 @cindex @option{ftp} method