98 lines
2.3 KiB
Plaintext
98 lines
2.3 KiB
Plaintext
_setpriv_module()
|
|
{
|
|
local cur prev OPTS
|
|
COMPREPLY=()
|
|
cur="${COMP_WORDS[COMP_CWORD]}"
|
|
prev="${COMP_WORDS[COMP_CWORD-1]}"
|
|
case $prev in
|
|
'--inh-caps'|'--bounding-set')
|
|
local prefix realcur INHERIT_ALL INHERIT
|
|
realcur="${cur##*,}"
|
|
prefix="${cur%$realcur}"
|
|
INHERIT_ALL=$($1 --list-caps| awk '{print $1, "-" $1}')
|
|
for WORD in $INHERIT_ALL; do
|
|
if ! [[ $prefix == *"$WORD"* ]]; then
|
|
INHERIT="$WORD $INHERIT"
|
|
fi
|
|
done
|
|
compopt -o nospace
|
|
COMPREPLY=( $(compgen -P "$prefix" -W "$INHERIT" -S ',' -- $realcur) )
|
|
return 0
|
|
;;
|
|
'--ruid'|'--euid'|'--reuid')
|
|
local UIDS
|
|
UIDS=$(getent passwd | awk -F: '{print $3}')
|
|
COMPREPLY=( $(compgen -W "$UIDS" -- $cur) )
|
|
return 0
|
|
;;
|
|
'--rgid'|'--egid'|'--regid')
|
|
local GIDS
|
|
GIDS=$(getent group | awk -F: '{print $3}')
|
|
COMPREPLY=( $(compgen -W "$GIDS" -- $cur) )
|
|
return 0
|
|
;;
|
|
'--groups')
|
|
local prefix realcur GIDS_ALL GIDS
|
|
realcur="${cur##*,}"
|
|
prefix="${cur%$realcur}"
|
|
GIDS_ALL=$(getent group | awk -F: '{print $3}')
|
|
for WORD in $GIDS_ALL; do
|
|
if ! [[ $prefix == *"$WORD"* ]]; then
|
|
GIDS="$WORD $GIDS"
|
|
fi
|
|
done
|
|
compopt -o nospace
|
|
COMPREPLY=( $(compgen -P "$prefix" -W "$GIDS" -S ',' -- $realcur) )
|
|
return 0
|
|
;;
|
|
'--securebits')
|
|
local SBITS
|
|
SBITS="noroot noroot_locked no_setuid_fixup no_setuid_fixup_locked keep_caps_locked
|
|
-noroot -noroot_locked -no_setuid_fixup -no_setuid_fixup_locked -keep_caps_locked"
|
|
COMPREPLY=( $(compgen -W "$SBITS" -- $cur) )
|
|
return 0
|
|
;;
|
|
'--selinux-label')
|
|
# FIXME: how to list selinux labels?
|
|
COMPREPLY=( $(compgen -W "label" -- $cur) )
|
|
return 0
|
|
;;
|
|
'--apparmor-profile')
|
|
# FIXME: how to list apparmor profiles?
|
|
COMPREPLY=( $(compgen -W "profile" -- $cur) )
|
|
return 0
|
|
;;
|
|
'-h'|'--help'|'-V'|'--version')
|
|
return 0
|
|
;;
|
|
esac
|
|
case $cur in
|
|
-*)
|
|
OPTS="--dump
|
|
--no-new-privs
|
|
--inh-caps
|
|
--bounding-set
|
|
--ruid
|
|
--euid
|
|
--rgid
|
|
--egid
|
|
--reuid
|
|
--regid
|
|
--clear-groupsclear
|
|
--keep-groupskeep
|
|
--groups
|
|
--securebits
|
|
--selinux-label
|
|
--apparmor-profile
|
|
--help
|
|
--version"
|
|
COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
|
|
return 0
|
|
;;
|
|
esac
|
|
compopt -o bashdefault
|
|
COMPREPLY=( $(compgen -c -- $cur) )
|
|
return 0
|
|
}
|
|
complete -F _setpriv_module setpriv
|