My answer. Yet a solution of how to just elevate and decrease privileges (actually, conceptually without even wrapping, existing separately) or to fully switch to root and back is required.
Basing on suggestions of me, LeonidMew and WinEunuuchs2Unix, here is the workaround. The -H option is usually a good choice so I include it.
There are two workarounds (bash can be replaced with sh):
1) sudo -H /bin/bash -c ‘commands’ and
2) sudo -H /bin/bash -c “commands” (as well as the heredoc format, sudo -H /bin/bash <<EOF <lines with commands> EOF).
1) Variables from outside are not visible inside automatically. They would have to be moved inside, be double-defined or be passed as arguments. I could not make or pass a short (re)declaration of an external function like $(declare -f functionname) inside (maybe it is yet possible), but it worked if I just moved it inside.
2) Only copies of variables from outside are passed inside. You will have to escape with \ constructs $(...), $PWD or other locally defined variables, AND commenting with # may not work (as with the #$(declare -f ...)). Arguments like $1 are the ones of the whole script and cannot be passed inside as local variables. Externally defined functions are not visible inside but can be redeclared inside like $(declare -f functionname).
In the both cases you can get output through files or a fast string-output from stdout (or several space-separated variables) through the wrapping res=$(...). You can see an example here: https://stackoverflow.com/a/23567255 . Though after the wrapping all EOLs are converted into spaces. Maybe export, designed to pass variables to subprocesses, will help to avoid that wrapping or the usage of files, but somehow it didn’t work for me.
The case 1) seems to be the best default choice and will most likely require less modifications of the existing code, contrary to the case 2) when a careful modification of the existing code will usually be required. Maybe you will find the both cases useful simultaneously.
This is my simple example:
tmpdir=/tmp/
tmpfile=/tmp/tmpfile
res=$(sudo -H bash -c 'tmpdir=$1; tmpfile=$2
echo "$tmpdir;"
cd $ tmpdir
echo $(pwd)
echo "A string from file" > $tmpfile
' - $tmpdir $tmpfile)
echo $res
arr=($res)
echo ${arr[0]} # Hellooo
echo ${arr[1]} # world;
echo ${arr[*]} # whole array
echo ${#arr[*]} # number of items
n=0
echo ${#arr[$n]} # length of the n-th element
cat $tmpfile
sudo sh -c 'rm -f $2' - - $tmpfile