| _setpriv_module() |
| { |
| local cur prev OPTS |
| COMPREPLY=() |
| cur="${COMP_WORDS[COMP_CWORD]}" |
| prev="${COMP_WORDS[COMP_CWORD-1]}" |
| case $prev in |
| '--ambient-caps'|'--inh-caps'|'--bounding-set') |
| local prefix realcur INHERIT_ALL INHERIT |
| realcur="${cur##*,}" |
| prefix="${cur%$realcur}" |
| INHERIT_ALL=$($1 --list-caps| awk '{print $1, "-" $1}') |
| for WORD in $INHERIT_ALL; do |
| if ! [[ $prefix == *"$WORD"* ]]; then |
| INHERIT="$WORD ${INHERIT:-""}" |
| fi |
| done |
| compopt -o nospace |
| COMPREPLY=( $(compgen -P "$prefix" -W "$INHERIT" -S ',' -- $realcur) ) |
| return 0 |
| ;; |
| '--ruid'|'--euid'|'--reuid') |
| local UIDS |
| UIDS=$(getent passwd | awk -F: '{print $1}') |
| COMPREPLY=( $(compgen -W "$UIDS" -- $cur) ) |
| return 0 |
| ;; |
| '--rgid'|'--egid'|'--regid') |
| local GIDS |
| GIDS=$(getent group | awk -F: '{print $1}') |
| COMPREPLY=( $(compgen -W "$GIDS" -- $cur) ) |
| return 0 |
| ;; |
| '--groups') |
| local prefix realcur GIDS_ALL GIDS |
| realcur="${cur##*,}" |
| prefix="${cur%$realcur}" |
| GIDS_ALL=$(getent group | awk -F: '{print $3}') |
| for WORD in $GIDS_ALL; do |
| if ! [[ $prefix == *"$WORD"* ]]; then |
| GIDS="$WORD ${GIDS:-""}" |
| fi |
| done |
| compopt -o nospace |
| COMPREPLY=( $(compgen -P "$prefix" -W "$GIDS" -S ',' -- $realcur) ) |
| return 0 |
| ;; |
| '--securebits') |
| local prefix realcur SBITS_ALL SBITS WORD |
| realcur="${cur##*,}" |
| prefix="${cur%$realcur}" |
| SBITS_ALL=" |
| {+,-}keep_caps_locked |
| {+,-}noroot |
| {+,-}noroot_locked |
| {+,-}no_setuid_fixup |
| {+,-}no_setuid_fixup_locked |
| " |
| for WORD in $SBITS_ALL; do |
| if ! [[ $prefix == *"$WORD"* ]]; then |
| SBITS="$WORD ${SBITS:-""}" |
| fi |
| done |
| compopt -o nospace |
| COMPREPLY=( $(compgen -P "$prefix" -W "$SBITS" -S ',' -- $realcur) ) |
| return 0 |
| ;; |
| '--pdeathsig') |
| local i signals |
| for i in $(kill -l); do |
| case $i in |
| SIG*) |
| signals+="$i " |
| ;; |
| esac |
| done |
| COMPREPLY=( $(compgen -W "keep clear $signals" -- $cur) ) |
| return 0 |
| ;; |
| '--selinux-label') |
| # FIXME: how to list selinux labels? |
| COMPREPLY=( $(compgen -W "label" -- $cur) ) |
| return 0 |
| ;; |
| '--apparmor-profile') |
| # FIXME: how to list apparmor profiles? |
| COMPREPLY=( $(compgen -W "profile" -- $cur) ) |
| return 0 |
| ;; |
| '-h'|'--help'|'-V'|'--version') |
| return 0 |
| ;; |
| esac |
| case $cur in |
| -*) |
| OPTS="--dump |
| --no-new-privs |
| --ambient-caps |
| --inh-caps |
| --bounding-set |
| --ruid |
| --euid |
| --rgid |
| --egid |
| --reuid |
| --regid |
| --clear-groupsclear |
| --keep-groupskeep |
| --groups |
| --securebits |
| --pdeathsig |
| --reset-env |
| --selinux-label |
| --apparmor-profile |
| --help |
| --version" |
| COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) ) |
| return 0 |
| ;; |
| esac |
| compopt -o bashdefault |
| COMPREPLY=( $(compgen -c -- $cur) ) |
| return 0 |
| } |
| complete -F _setpriv_module setpriv |