diff options
author | Colin Walters <walters@verbum.org> | 2021-06-24 10:05:55 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-06-24 10:05:55 -0400 |
commit | 0cc286e33ffb16962e4320acf121a3e5fc4fc5bd (patch) | |
tree | 5d68f5f927b06417ffde51b02aa7f5d60ba77ab4 | |
parent | 0ba3ab996bab69ab92f8cce5602ff7d056bfb71d (diff) | |
parent | 05b26397429bfb1b9834ea81f885b72c33c6dd14 (diff) | |
download | bubblewrap-0cc286e33ffb16962e4320acf121a3e5fc4fc5bd.tar.gz |
Merge pull request #437 from smcv/zsh
Improve zsh completion
-rwxr-xr-x | completions/zsh/_bwrap | 105 | ||||
-rw-r--r-- | configure.ac | 2 |
2 files changed, 60 insertions, 47 deletions
diff --git a/completions/zsh/_bwrap b/completions/zsh/_bwrap index 88c9b35..5a9d2fd 100755 --- a/completions/zsh/_bwrap +++ b/completions/zsh/_bwrap @@ -1,64 +1,77 @@ #compdef bwrap +_bwrap_args_after_perms=( + # Please sort alphabetically (in LC_ALL=C order) by option name + '--bind-data[Copy from FD to file which is bind-mounted on DEST]: :_guard "[0-9]#" "file descriptor to read content":destination:_files' + '--dir[Create dir at DEST]:directory to create:_files -/' + '--file[Copy from FD to destination DEST]: :_guard "[0-9]#" "file descriptor to read content from":destination:_files' + '--ro-bind-data[Copy from FD to file which is readonly bind-mounted on DEST]: :_guard "[0-9]#" "file descriptor to read content from":destination:_files' + '--tmpfs[Mount new tmpfs on DEST]:mount point for tmpfs:_files -/' +) + _bwrap_args=( '*::arguments:_normal' + $_bwrap_args_after_perms + + # Please sort alphabetically (in LC_ALL=C order) by option name + '--args[Parse NUL-separated args from FD]: :_guard "[0-9]#" "file descriptor with NUL-separated arguments"' + '--as-pid-1[Do not install a reaper process with PID=1]' + '--bind-try[Equal to --bind but ignores non-existent SRC]:source:_files:destination:_files' + '--bind[Bind mount the host path SRC on DEST]:source:_files:destination:_files' + '--block-fd[Block on FD until some data to read is available]: :_guard "[0-9]#" "file descriptor to block on"' + '--cap-add[Add cap CAP when running as privileged user]:capability to add:->caps' + '--cap-drop[Drop cap CAP when running as privileged user]:capability to add:->caps' + '--chdir[Change directory to DIR]:working directory for sandbox: _files -/' + '--chmod[Set permissions]: :_guard "[0-7]#" "permissions in octal":path to set permissions:_files' + '--clearenv[Unset all environment variables]' + '--dev-bind-try[Equal to --dev-bind but ignores non-existent SRC]:source:_files:destination:_files' + '--dev-bind[Bind mount the host path SRC on DEST, allowing device access]:source:_files:destination:_files' + '--dev[Mount new dev on DEST]:mount point for /dev:_files -/' + "--die-with-parent[Kills with SIGKILL child process (COMMAND) when bwrap or bwrap's parent dies.]" + '--exec-label[Exec label for the sandbox]:SELinux label:_selinux_contexts' + '--file-label[File label for temporary sandbox content]:SELinux label:_selinux_contexts' + '--gid[Custom gid in the sandbox (requires --unshare-user or --userns)]: :_guard "[0-9]#" "numeric group ID"' '--help[Print help and exit]' - '--version[Print version]' - '--args[Parse NUL-separated args from FD]: :' + '--hostname[Custom hostname in the sandbox (requires --unshare-uts)]:hostname:' + '--info-fd[Write information about the running container to FD]: :_guard "[0-9]#" "file descriptor to write to"' + '--json-status-fd[Write container status to FD as multiple JSON documents]: :_guard "[0-9]#" "file descriptor to write to"' + '--lock-file[Take a lock on DEST while sandbox is running]:lock file:_files' + '--mqueue[Mount new mqueue on DEST]:mount point for mqueue:_files -/' + '--new-session[Create a new terminal session]' + '--perms[Set permissions for next action argument]: :_guard "[0-7]#" "permissions in octal": :->after_perms' + '--pidns[Use this user namespace (as parent namespace if using --unshare-pid)]: :' + '--proc[Mount new procfs on DEST]:mount point for procfs:_files -/' + '--remount-ro[Remount DEST as readonly; does not recursively remount]:mount point to remount read-only:_files' + '--ro-bind-try[Equal to --ro-bind but ignores non-existent SRC]:source:_files:destination:_files' + '--ro-bind[Bind mount the host path SRC readonly on DEST]:source:_files:destination:_files' + '--seccomp[Load and use seccomp rules from FD]: :_guard "[0-9]#" "file descriptor to read seccomp rules from"' + '--setenv[Set an environment variable]:variable to set:_parameters -g "*export*":value of variable: :' + '--symlink[Create symlink at DEST with target SRC]:symlink target:_files:symlink to create:_files:' + '--sync-fd[Keep this fd open while sandbox is running]: :_guard "[0-9]#" "file descriptor to keep open"' + '--uid[Custom uid in the sandbox (requires --unshare-user or --userns)]: :_guard "[0-9]#" "numeric group ID"' + '(--clearenv)--unsetenv[Unset an environment variable]:variable to unset:_parameters -g "*export*"' '--unshare-all[Unshare every namespace we support by default]' - '(--userns --userns2)--unshare-user[Create new user namespace (may be automatically implied if not setuid)]' - '--unshare-user-try[Create new user namespace if possible else continue by skipping it]' + '--unshare-cgroup-try[Create new cgroup namespace if possible else continue by skipping it]' + '--unshare-cgroup[Create new cgroup namespace]' '--unshare-ipc[Create new ipc namespace]' - '--unshare-pid[Create new pid namespace]' '--unshare-net[Create new network namespace]' + '--unshare-pid[Create new pid namespace]' + '(--userns --userns2)--unshare-user[Create new user namespace (may be automatically implied if not setuid)]' + '--unshare-user-try[Create new user namespace if possible else continue by skipping it]' '--unshare-uts[Create new uts namespace]' - '--unshare-cgroup[Create new cgroup namespace]' - '--unshare-cgroup-try[Create new cgroup namespace if possible else continue by skipping it]' '(--unshare-user)--userns[Use this user namespace (cannot combine with --unshare-user)]: :' - '(--unshare-user)--userns2[After setup switch to this user namspace, only useful with --userns]: :' - '--pidns[Use this user namespace (as parent namespace if using --unshare-pid)]: :' - '--uid[Custom uid in the sandbox (requires --unshare-user or --userns)]: :' - '--gid[Custom gid in the sandbox (requires --unshare-user or --userns)]: :' - '--hostname[Custom hostname in the sandbox (requires --unshare-uts)]: :' - '--chdir DIR[Change directory to DIR]: : _files -/' - '--setenv[Set an environment variable]: :' - '--unsetenv[Unset an environment variable]: :' - '--lock-file[Take a lock on DEST while sandbox is running]: :' - '--sync-fd[Keep this fd open while sandbox is running]: :' - '--bind[Bind mount the host path SRC on DEST]: : _files -/ :' - '--bind-try[Equal to --bind but ignores non-existent SRC]: : _files -/ :' - '--dev-bind[Bind mount the host path SRC on DEST, allowing device access]: : _files -/ :' - '--dev-bind-try[Equal to --dev-bind but ignores non-existent SRC]: : _files -/ :' - '--ro-bind[Bind mount the host path SRC readonly on DEST]: : _files -/ :' - '--ro-bind-try[Equal to --ro-bind but ignores non-existent SRC]: : _files -/ :' - '--remount-ro[Remount DEST as readonly; does not recursively remount]: :' - '--exec-label[Exec label for the sandbox]: :' - '--file-label[File label for temporary sandbox content]: :' - '--proc[Mount new procfs on DEST]: :' - '--dev[Mount new dev on DEST]: :' - '--tmpfs[Mount new tmpfs on DEST]: :' - '--mqueue[Mount new mqueue on DEST]: :' - '--dir[Create dir at DEST]: :' - '--file[Copy from FD to destination DEST]: : :' - '--bind-data[Copy from FD to file which is bind-mounted on DEST]: : :' - '--ro-bind-data[Copy from FD to file which is readonly bind-mounted on DEST]: : :' - '--symlink[Create symlink at DEST with target SRC]: : :' - '--seccomp[Load and use seccomp rules from FD]: :' - '--block-fd[Block on FD until some data to read is available]: :' - '--userns-block-fd[Block on FD until the user namespace is ready]: :' - '--info-fd[Write information about the running container to FD]: :' - '--json-status-fd[Write container status to FD as multiple JSON documents]: :' - '--new-session[Create a new terminal session]' - "--die-with-parent[Kills with SIGKILL child process (COMMAND) when bwrap or bwrap's parent dies.]" - '--as-pid-1[Do not install a reaper process with PID=1]' - '--cap-add[Add cap CAP when running as privileged user]: :->caps' - '--cap-drop[Drop cap CAP when running as privileged user]: :->caps' + '--userns-block-fd[Block on FD until the user namespace is ready]: :_guard "[0-9]#" "file descriptor to block on"' + '(--unshare-user)--userns2[After setup switch to this user namespace, only useful with --userns]: :' + '--version[Print version]' ) - _bwrap() { _arguments -S $_bwrap_args case "$state" in + after_perms) + _values -S ' ' 'option' $_bwrap_args_after_perms + ;; + caps) # $ grep -E '#define\sCAP_\w+\s+[0-9]+' /usr/include/linux/capability.h | awk '{print $2}' | xargs echo local all_caps=( diff --git a/configure.ac b/configure.ac index 3e761a0..33b75cf 100644 --- a/configure.ac +++ b/configure.ac @@ -66,7 +66,7 @@ else fi -AC_SUBST([ZSH_COMPLETION_DIR]) +AC_SUBST([ZSH_COMPLETION_DIR]) AM_CONDITIONAL([ENABLE_ZSH_COMPLETION], [test "x$with_zsh_completion_dir" != "xno"]) # ------------------------------------------------------------------------------ |