From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+ml==a==inbox.vuxu.org==zsh-workers@zsh.org>
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.7 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,DKIM_VALID_EF,LONGWORDS,MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_MED,T_SCC_BODY_TEXT_LINE autolearn=ham
	autolearn_force=no version=3.4.4
Received: from zero.zsh.org (zero.zsh.org [IPv6:2a02:898:31:0:48:4558:7a:7368])
	by inbox.vuxu.org (Postfix) with ESMTP id DDB1C28EB6
	for <ml@inbox.vuxu.org>; Mon, 18 Mar 2024 21:25:05 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zsh.org;
	s=rsa-20210803; h=List-Archive:List-Owner:List-Post:List-Unsubscribe:
	List-Subscribe:List-Help:List-Id:Sender:Message-ID:Date:
	Content-Transfer-Encoding:Content-ID:Content-Type:MIME-Version:Subject:To:
	From:Reply-To:Cc:Content-Description:Resent-Date:Resent-From:Resent-Sender:
	Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References;
	bh=OGHS09CSaDDsMAfAslS/JQcfQMUPrLvEKDNsfxOPDnM=; b=LHrKkaTXlgbzkRTIYxRCyWm/9M
	7A6rDjObzVXEd2g8djlpprJgTzU3esDi29L/Le+omVkfa/WJGJ8CtBbU3bxGDuxPOiT8obcrKg5XT
	YJ3iRwGfSiuRTj2ELktfsfer3HApPNVgIKlSDR7mMLaIzwAPREvmOb/9e4zXub9YiE8JJIMGQlWfx
	ba8DaxCe/Mm+JOGF2R7VYmLkcKD6ajWn+/9q9jzVUivSCavNHNC+lzLMXxuE9Sn5aHruIaNol0HYh
	UkLsjWczjQbbiIiVYXENJ0nem18w/Qa184Ea9A+5HBhUA/N4Etkqbi8FmrlVMc1bFKlYHFoZk7f6T
	GYWJWN3Q==;
Received: by zero.zsh.org with local
	id 1rmJXd-000LSW-7k;
	Mon, 18 Mar 2024 20:25:05 +0000
Received: by zero.zsh.org with esmtpsa (TLS1.3:TLS_AES_256_GCM_SHA384:256)
	id 1rmJXR-000L85-A4;
	Mon, 18 Mar 2024 20:24:53 +0000
Received: from [192.168.178.21] (helo=hydra)
	by mail.kiddle.eu with esmtp(Exim 4.97.1)
	(envelope-from <opk@zsh.org>)
	id 1rmJXQ-000000008az-3PoL
	for zsh-workers@zsh.org;
	Mon, 18 Mar 2024 21:24:52 +0100
From: Oliver Kiddle <opk@zsh.org>
To: Zsh workers <zsh-workers@zsh.org>
Subject: PATCH: handle newrole in SELinux completions
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <33043.1710793492.1@hydra>
Content-Transfer-Encoding: quoted-printable
Date: Mon, 18 Mar 2024 21:24:52 +0100
Message-ID: <33044-1710793492.809598@y5Qn.AVJY.DVQL>
X-Seq: 52770
Archived-At: <https://zsh.org/workers/52770>
X-Loop: zsh-workers@zsh.org
Errors-To: zsh-workers-owner@zsh.org
Precedence: list
Precedence: bulk
Sender: zsh-workers-request@zsh.org
X-no-archive: yes
List-Id: <zsh-workers.zsh.org>
List-Help: <http://www.zsh.org/sympa/help>, <mailto:sympa@zsh.org?subject=HELP>
List-Subscribe: <http://www.zsh.org/sympa/subscribe/zsh-workers>, <mailto:sympa@zsh.org?subject=SUB%20zsh-workers>
List-Unsubscribe: <http://www.zsh.org/sympa/signoff/zsh-workers>, <mailto:sympa@zsh.org?subject=SIG%20zsh-workers>
List-Post: <mailto:zsh-workers@zsh.org>
List-Owner: <mailto:zsh-workers-request@zsh.org>
List-Archive: <http://www.zsh.org/sympa/arc/zsh-workers>

This handles also newrole in the SELinux completion function.

There are also a couple of other minor fixes. Module package files can
be .cil instead of .pp files. There was one case where I must have
used grep -L instead of -l when identifying commands for which an option
applied because the case pattern was inverted. And for runcon, some detrit=
us
remained from copy/pasting the help output.

Oliver

diff --git a/Completion/Linux/Command/_selinux b/Completion/Linux/Command/=
_selinux
index e7d4d3b2e..a7ba68952 100644
--- a/Completion/Linux/Command/_selinux
+++ b/Completion/Linux/Command/_selinux
@@ -1,4 +1,4 @@
-#compdef audit2allow audit2why avcstat chcon checkmodule checkpolicy fixf=
iles getpidprevcon getsebool matchpathcon restorecon runcon sealert secon =
sedta seinfo selinuxconlist selinuxdefcon selinuxexeccon semanage semodule=
 semodule_unpackage sepolgen sepolicy sesearch sestatus setenforce setsebo=
ol validatetrans
+#compdef audit2allow audit2why avcstat chcon checkmodule checkpolicy fixf=
iles getpidprevcon getsebool matchpathcon newrole restorecon runcon sealer=
t secon sedta seinfo selinuxconlist selinuxdefcon selinuxexeccon semanage =
semodule semodule_unpackage sepolgen sepolicy sesearch sestatus setenforce=
 setsebool validatetrans
 =

 # encompasses checkpolicy libselinux-utils policycoreutils
 # policycoreutils-devel policycoreutils-python-utils setools-console
@@ -251,6 +251,21 @@ case $service in
     )
   ;;
 =

+  newrole)
+    local cmd cpp
+    cmd=3D"$words[1]"
+    cpp=3D'_comp_priv_prefix=3D( $cmd ${(kv)opt_args[(I)-([rtl]|-role|-ty=
pe|-level)]} )'
+    args=3D(
+      '(-r --role)'{-r+,--role=3D}'[specify role]: :_selinux_roles'
+      '(-t --type)'{-t+,--type=3D}'[specify type]: :_selinux_types'
+      '(-l --level)'{-l+,--range=3D}'[specify level]:level'
+      '(-p --preserve-environment)'{-p,--preserve-environment}"[don't cre=
ate new minimal environment]"
+      "${ign}(-)"{-V,--version}'[display version information]'
+      "(-)1: :{ $cpp; _command_names -e }" \
+      "*:: :{ $cpp; _normal }"
+    )
+  ;;
+
   restorecon)
     args=3D(
       '*-e+[exclude a directory]:directory:_directories'
@@ -276,10 +291,10 @@ case $service in
   runcon)
     args=3D(
       '(1 -c --compute)'{-c,--compute}'[compute process transition contex=
t before modifying]'
-      '(1 -t --type=3DTYPE)'{-t+,--type=3D}'[specify type]: :_selinux_typ=
es'
-      '(1 -u --user=3DUSER)'{-u+,--user=3D}'[specify user identity]: :_se=
linux_users'
-      '(1 -r --role=3DROLE)'{-r+,--role=3D}'[specify role]: :_selinux_rol=
es'
-      '(1 -l --range=3DRANGE)'{-l+,--range=3D}'[specify level range]:rang=
e'
+      '(1 -t --type)'{-t+,--type=3D}'[specify type]: :_selinux_types'
+      '(1 -u --user)'{-u+,--user=3D}'[specify user identity]: :_selinux_u=
sers'
+      '(1 -r --role)'{-r+,--role=3D}'[specify role]: :_selinux_roles'
+      '(1 -l --range)'{-l+,--range=3D}'[specify level range]:range'
       '(-)1:security context:_selinux_contexts'
       '*:::args:_normal'
     )
@@ -460,7 +475,7 @@ case $service in
               '(-E --extract)'{-E,--extract}'[extract customizable comman=
ds, for use within a transaction]'
             )
           ;|
-          boolean|dontaudit|export|import)
+          fcontext|ibendport|ibpkey|interface|login|module|node|permissiv=
e|port|user)
             args+=3D( '(-a --add)'{-a,--add}'[add a record]' )
           ;|
           boolean|fcontext|ibendport|ibpkey|interface|login|node|permissi=
ve|port|user)
@@ -573,8 +588,8 @@ case $service in
       \*{-B,--build}'[build and reload policy]'
       \*'--refresh[like --build but reuse existing linked policy if modul=
e files unchanged]'
       \*{-D,--disable_dontaudit}'[remove dontaudits from policy]'
-      \*{-i+,--install=3D}'[install a new module]:module package:_files -=
g "*.pp(-.)"'
-      \!{-b,--base,-u,--upgrade}':module package:_files -g "*.pp(-.)"'
+      \*{-i+,--install=3D}'[install a new module]:module package:_files -=
g "*.(pp|cil)(-.)"'
+      \!{-b,--base,-u,--upgrade}':module package:_files -g "*.(pp|cil)(-.=
)"'
       \*{-r+,--remove=3D}'[remove existing module at desired priority]:mo=
dule name:_selinux_modules'
       \*{-l+,--list-modules=3D-}'[display list of installed modules]::kin=
d:((
         standard\:highest\ priority,\ enabled\ modules