mirror of
https://github.com/fish-shell/fish-shell
synced 2025-01-12 21:18:53 +00:00
56 lines
2.8 KiB
Fish
56 lines
2.8 KiB
Fish
|
function __fish_firejail_profiles
|
||
|
path basename -- /etc/firejail/*.profile ~/.config/firejail/*.profile
|
||
|
end
|
||
|
|
||
|
function __fish_firejail_complete_sandboxes
|
||
|
firejail --list | string replace -rf -- '([^:]+):([^:]+):([^:]+):(.*)' '$1\t$3: $4 ($2)\n$3\t$1: $4 ($2)'
|
||
|
end
|
||
|
|
||
|
complete -c firejail -f
|
||
|
complete -c firejail -l help -d 'Show help and exit'
|
||
|
complete -c firejail -l version -d 'Show version and exit'
|
||
|
complete -c firejail -l debug -d 'Print debug info'
|
||
|
complete -c firejail -l debug-blacklists -d 'Debug blacklisting'
|
||
|
complete -c firejail -l debug-whitelists -d 'Debug whitelisting'
|
||
|
complete -c firejail -l debug-caps -d 'Print known capabilities and exit'
|
||
|
complete -c firejail -l debug-errnos -d 'Print known error numbers and exit'
|
||
|
complete -c firejail -l debug-private-lib -d 'Debug --private-lib'
|
||
|
complete -c firejail -l debug-protocols -d 'Print known protocols and exit'
|
||
|
complete -c firejail -l debug-syscalls -d 'Print known syscalls and exit'
|
||
|
complete -c firejail -l debug-syscalls32 -d 'Print known 32-bit syscalls and exit'
|
||
|
complete -c firejail -l list -d 'List all sandboxes'
|
||
|
complete -c firejail -l tree -d 'Print a tree of all sandboxes'
|
||
|
complete -c firejail -l top -d 'Monitor sandboxes (like `top`)'
|
||
|
complete -c firejail -l shutdown -d 'Show help and exit'
|
||
|
|
||
|
# Profiles
|
||
|
# Note: firejail's option parsing is weird and *requires* the --foo=bar form
|
||
|
# So we don't use -r
|
||
|
complete -c firejail -l profiles -d 'Load a custom security profile' -a '(__fish_firejail_profiles)'
|
||
|
|
||
|
# Sandboxes
|
||
|
complete -c firejail -l join -d 'Join existing sandbox' -a '(__fish_firejail_complete_sandboxes)'
|
||
|
|
||
|
# Files
|
||
|
complete -c firejail -l hosts-file -d 'Show help and exit' -a '(__fish_firejail_profiles)'
|
||
|
|
||
|
# directory
|
||
|
complete -c firejail -l chroot -d 'Chroot into this directory' -a '(__fish_complete_directories)'
|
||
|
complete -c firejail -l tmpfs -d 'Mount tmpfs into sandbox' -a '(__fish_complete_directories)'
|
||
|
complete -c firejail -l blacklist -d 'Blacklist dir or file' -F
|
||
|
complete -c firejail -l noblacklist -d 'Disable blacklist for dir or file' -F
|
||
|
complete -c firejail -l whitelist -d 'Whitelist dir or file' -F
|
||
|
complete -c firejail -l nowhitelist -d 'Disable whitelist for dir or file' -F
|
||
|
complete -c firejail -l read-only -d 'Set dir or file read-only' -F
|
||
|
complete -c firejail -l read-write -d 'Set dir or file read-write' -F
|
||
|
# TODO: Comma-separated ("/etc/foo,/usr/etc/foo" bind-mounts /etc/foo on /usr/etc/foo)
|
||
|
complete -c firejail -l bind -d 'Bind-mount file on top of another' -F
|
||
|
complete -c firejail -l private -d 'Mount temporary home directories and delete on exit' -F
|
||
|
complete -c firejail -l netfilter -d 'Enable firewall given by this file' -F
|
||
|
|
||
|
# Interfaces
|
||
|
complete -c firejail -l net -d 'Enable network namespace connected to this interface' -a '(__fish_print_interfaces)'
|
||
|
|
||
|
# Commands
|
||
|
complete -c firejail -a '(__fish_complete_subcommand)'
|