From: Arseny Maslennikov <ar@cs.msu.ru>
To: zsh-workers@zsh.org
Cc: Arseny Maslennikov <ar@cs.msu.ru>
Subject: [PATCH 2/2] Introduce new completion for setpriv(1) on Linux
Date: Fri, 26 Feb 2021 10:55:58 +0300 [thread overview]
Message-ID: <20210226075558.883716-2-ar@cs.msu.ru> (raw)
In-Reply-To: <20210226075558.883716-1-ar@cs.msu.ru>
This is a utility from util-linux which sets or queries various Linux
process privilege settings that are inherited across execve(2). More
info is available in the corresponding manual page[1].
[1] https://man7.org/linux/man-pages/man1/setpriv.1.html
---
Completion/Linux/Command/_setpriv | 88 +++++++++++++++++++++++++++++++
1 file changed, 88 insertions(+)
create mode 100644 Completion/Linux/Command/_setpriv
diff --git a/Completion/Linux/Command/_setpriv b/Completion/Linux/Command/_setpriv
new file mode 100644
index 000000000..8fdd2ed10
--- /dev/null
+++ b/Completion/Linux/Command/_setpriv
@@ -0,0 +1,88 @@
+#compdef setpriv
+
+__setpriv_prctl_securebits_set_element() {
+ local -a expl matches
+ local -a bits
+
+ bits=(noroot noroot_locked
+ no_setuid_fixup no_setuid_fixup_locked
+ keep_caps_locked
+ )
+ matches=( {-,+}"${(@)^bits}" )
+ _wanted minus-plus-securebits expl 'prctl securebits' \
+ compadd "$@" -a - matches
+}
+
+__setpriv_prctl_securebits_set() {
+ _sequence __setpriv_prctl_securebits_set_element
+}
+
+__setpriv_capability_expressions() {
+ # Nonlocal expl; _description call expected.
+ local -a caps matches
+
+ _capability_names caps
+ # Strip the prefix "cap_" from every array element.
+ # For every element, prepend "-" and "+" to the element.
+ matches=( {-,+}"${(@)^caps#cap_}" )
+ compadd "$@" "${(@)expl}" -a - matches
+}
+
+__setpriv_caps_all() {
+ # Nonlocal expl; _description call expected.
+ local -a names matches
+
+ names=(all)
+ matches=( {-,+}"${(@)^names}" )
+ compadd "$@" "${(@)expl}" -a - matches
+}
+
+__setpriv_cap_set_element() {
+ # We pass through arguments from _sequence.
+ local -a Oargv=( "$@" )
+ _alternative -O Oargv \
+ 'special-actions:drop/obtain all caps:__setpriv_caps_all' \
+ 'minus-plus-caps:capabilities:__setpriv_capability_expressions' \
+ #
+}
+
+__setpriv_cap_set() {
+ _sequence __setpriv_cap_set_element
+}
+
+__setpriv_death_signals() {
+ _alternative \
+ 'special-actions:keep or clear:(keep clear)' \
+ 'signals:UNIX signals:_signals' \
+ #
+}
+
+local context state state_descr line
+typeset -A opt_args
+
+_arguments -S \
+ '(- : *)--help[print help and exit]' \
+ '(- : *)'{-V,--version}'[print version information and exit]' \
+ '(- : *)*'{-d,--dump}'[display the current privilege state]' \
+ '--clear-groups[clear supplementary groups]' \
+ '--groups[set supplementary groups]:groups:_groups' \
+ '--inh-caps[set inheritable caps]:capability set: __setpriv_cap_set' \
+ '--ambient-caps[set ambient caps]:capability set: __setpriv_cap_set' \
+ '--bounding-set[set the cap bounding set]:capability set: __setpriv_cap_set' \
+ '(- : *)--list-caps[list all known capabilities]' \
+ '--keep-groups[preserve supplementary groups]' \
+ '--init-groups[initialize supplementary groups]' \
+ '--no-new-privs[set NO_NEW_PRIVS]' \
+ '--rgid[set real UNIX group id]:UNIX group:_groups' \
+ '--egid[set effective UNIX group id]:UNIX group:_groups' \
+ '--regid[set real and effective UNIX group id]:UNIX group:_groups' \
+ '--ruid[set real UNIX user id]:UNIX user:_users' \
+ '--euid[set effective UNIX user id]:UNIX user:_users' \
+ '--reuid[set real and effective UNIX user id]:UNIX user:_users' \
+ '--securebits[set "process securebits"]:prctl securebits:__setpriv_prctl_securebits_set' \
+ '--pdeathsig[keep, clear, or set parent death signal]:signals: __setpriv_death_signals' \
+ '--selinux-label[request a selinux label]:SELinux labels: ' \
+ '--apparmor-profile[request an apparmor profile]:AppArmor profiles: ' \
+ '--reset-env[set environment as for a classic login shell]' \
+ '*:::command:_normal' \
+ #
--
2.30.1
next prev parent reply other threads:[~2021-02-26 7:56 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-26 7:55 [PATCH 1/2] Introduce new completion for Linux task capabilities Arseny Maslennikov
2021-02-26 7:55 ` Arseny Maslennikov [this message]
2021-02-26 15:50 ` Daniel Shahaf
2021-02-26 17:01 ` Arseny Maslennikov
2021-02-27 12:03 ` Oliver Kiddle
2021-03-20 2:43 ` Lawrence Velázquez
2021-03-21 12:54 ` Arseny Maslennikov
2021-03-21 12:54 ` Arseny Maslennikov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210226075558.883716-2-ar@cs.msu.ru \
--to=ar@cs.msu.ru \
--cc=zsh-workers@zsh.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).