| _setpriv_module() |
| { |
| local cur prev OPTS |
| COMPREPLY=() |
| cur="${COMP_WORDS[COMP_CWORD]}" |
| prev="${COMP_WORDS[COMP_CWORD-1]}" |
| case $prev in |
| '--ambient-caps'|'--inh-caps'|'--bounding-set') |
| local prefix realcur INHERIT_ALL INHERIT |
| realcur="${cur##*,}" |
| prefix="${cur%$realcur}" |
| INHERIT_ALL=$($1 --list-caps| awk '{print $1, "-" $1}') |
| for WORD in $INHERIT_ALL; do |
| if ! [[ $prefix == *"$WORD"* ]]; then |
| INHERIT="$WORD ${INHERIT:-""}" |
| fi |
| done |
| compopt -o nospace |
| COMPREPLY=( $(compgen -P "$prefix" -W "$INHERIT" -S ',' -- $realcur) ) |
| return 0 |
| ;; |
| '--ruid'|'--euid'|'--reuid') |
| local UIDS |
| UIDS=$(getent passwd | awk -F: '{print $3}') |
| COMPREPLY=( $(compgen -W "$UIDS" -- $cur) ) |
| return 0 |
| ;; |
| '--rgid'|'--egid'|'--regid') |
| local GIDS |
| GIDS=$(getent group | awk -F: '{print $3}') |
| COMPREPLY=( $(compgen -W "$GIDS" -- $cur) ) |
| return 0 |
| ;; |
| '--groups') |
| local prefix realcur GIDS_ALL GIDS |
| realcur="${cur##*,}" |
| prefix="${cur%$realcur}" |
| GIDS_ALL=$(getent group | awk -F: '{print $3}') |
| for WORD in $GIDS_ALL; do |
| if ! [[ $prefix == *"$WORD"* ]]; then |
| GIDS="$WORD $GIDS" |
| fi |
| done |
| compopt -o nospace |
| COMPREPLY=( $(compgen -P "$prefix" -W "$GIDS" -S ',' -- $realcur) ) |
| return 0 |
| ;; |
| '--securebits') |
| local SBITS |
| SBITS="noroot noroot_locked no_setuid_fixup no_setuid_fixup_locked keep_caps_locked |
| -noroot -noroot_locked -no_setuid_fixup -no_setuid_fixup_locked -keep_caps_locked" |
| COMPREPLY=( $(compgen -W "$SBITS" -- $cur) ) |
| return 0 |
| ;; |
| '--selinux-label') |
| # FIXME: how to list selinux labels? |
| COMPREPLY=( $(compgen -W "label" -- $cur) ) |
| return 0 |
| ;; |
| '--apparmor-profile') |
| # FIXME: how to list apparmor profiles? |
| COMPREPLY=( $(compgen -W "profile" -- $cur) ) |
| return 0 |
| ;; |
| '-h'|'--help'|'-V'|'--version') |
| return 0 |
| ;; |
| esac |
| case $cur in |
| -*) |
| OPTS="--dump |
| --no-new-privs |
| --ambient-caps |
| --inh-caps |
| --bounding-set |
| --ruid |
| --euid |
| --rgid |
| --egid |
| --reuid |
| --regid |
| --clear-groupsclear |
| --keep-groupskeep |
| --groups |
| --securebits |
| --selinux-label |
| --apparmor-profile |
| --help |
| --version" |
| COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) ) |
| return 0 |
| ;; |
| esac |
| compopt -o bashdefault |
| COMPREPLY=( $(compgen -c -- $cur) ) |
| return 0 |
| } |
| complete -F _setpriv_module setpriv |