summaryrefslogtreecommitdiffstats
path: root/bash-completion/setpriv
blob: bdd3b7dabe2fab1ad09df67e66871d7e3c86e0e0 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
_setpriv_module()
{
	local cur prev OPTS
	COMPREPLY=()
	cur="${COMP_WORDS[COMP_CWORD]}"
	prev="${COMP_WORDS[COMP_CWORD-1]}"
	case $prev in
		'--inh-caps'|'--bounding-set')
			local prefix realcur INHERIT_ALL INHERIT
			realcur="${cur##*,}"
			prefix="${cur%$realcur}"
			INHERIT_ALL=$($1 --list-caps| awk '{print $1, "-" $1}')
			for WORD in $INHERIT_ALL; do
				if ! [[ $prefix == *"$WORD"* ]]; then
					INHERIT="$WORD $INHERIT"
				fi
			done
			compopt -o nospace
			COMPREPLY=( $(compgen -P "$prefix" -W "$INHERIT" -S ',' -- $realcur) )
			return 0
			;;
		'--ruid'|'--euid'|'--reuid')
			local UIDS
			UIDS=$(getent passwd | awk -F: '{print $3}')
			COMPREPLY=( $(compgen -W "$UIDS" -- $cur) )
			return 0
			;;
		'--rgid'|'--egid'|'--regid')
			local GIDS
			GIDS=$(getent group | awk -F: '{print $3}')
			COMPREPLY=( $(compgen -W "$GIDS" -- $cur) )
			return 0
			;;
		'--groups')
			local prefix realcur GIDS_ALL GIDS
			realcur="${cur##*,}"
			prefix="${cur%$realcur}"
			GIDS_ALL=$(getent group | awk -F: '{print $3}')
			for WORD in $GIDS_ALL; do
				if ! [[ $prefix == *"$WORD"* ]]; then
					GIDS="$WORD $GIDS"
				fi
			done
			compopt -o nospace
			COMPREPLY=( $(compgen -P "$prefix" -W "$GIDS" -S ',' -- $realcur) )
			return 0
			;;
		'--securebits')
			local SBITS
			SBITS="noroot noroot_locked no_setuid_fixup no_setuid_fixup_locked keep_caps_locked
			-noroot -noroot_locked -no_setuid_fixup -no_setuid_fixup_locked -keep_caps_locked"
			COMPREPLY=( $(compgen -W "$SBITS" -- $cur) )
			return 0
			;;
		'--selinux-label')
			# FIXME: how to list selinux labels?
			COMPREPLY=( $(compgen -W "label" -- $cur) )
			return 0
			;;
		'--apparmor-profile')
			# FIXME: how to list apparmor profiles?
			COMPREPLY=( $(compgen -W "profile" -- $cur) )
			return 0
			;;
		'-h'|'--help'|'-V'|'--version')
			return 0
			;;
	esac
	case $cur in
		-*)
			OPTS="--dump
				--no-new-privs
				--inh-caps
				--bounding-set
				--ruid
				--euid
				--rgid
				--egid
				--reuid
				--regid
				--clear-groupsclear
				--keep-groupskeep
				--groups
				--securebits
				--selinux-label
				--apparmor-profile
				--help
				--version"
			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
			return 0
			;;
	esac
	compopt -o bashdefault
	COMPREPLY=( $(compgen -c -- $cur) )
	return 0
}
complete -F _setpriv_module setpriv