fish-shell/share/completions/firejail.fish
Fabian Boehm 7a667b4f6d Add basic completions for firejail
These are pretty basic, but get us roughly up to the level of the
official completions (that are also incomplete and offer disabled
options).

Fixes #10858
2024-11-18 16:16:07 +01:00

55 lines
2.8 KiB
Fish

function __fish_firejail_profiles
path basename -- /etc/firejail/*.profile ~/.config/firejail/*.profile
end
function __fish_firejail_complete_sandboxes
firejail --list | string replace -rf -- '([^:]+):([^:]+):([^:]+):(.*)' '$1\t$3: $4 ($2)\n$3\t$1: $4 ($2)'
end
complete -c firejail -f
complete -c firejail -l help -d 'Show help and exit'
complete -c firejail -l version -d 'Show version and exit'
complete -c firejail -l debug -d 'Print debug info'
complete -c firejail -l debug-blacklists -d 'Debug blacklisting'
complete -c firejail -l debug-whitelists -d 'Debug whitelisting'
complete -c firejail -l debug-caps -d 'Print known capabilities and exit'
complete -c firejail -l debug-errnos -d 'Print known error numbers and exit'
complete -c firejail -l debug-private-lib -d 'Debug --private-lib'
complete -c firejail -l debug-protocols -d 'Print known protocols and exit'
complete -c firejail -l debug-syscalls -d 'Print known syscalls and exit'
complete -c firejail -l debug-syscalls32 -d 'Print known 32-bit syscalls and exit'
complete -c firejail -l list -d 'List all sandboxes'
complete -c firejail -l tree -d 'Print a tree of all sandboxes'
complete -c firejail -l top -d 'Monitor sandboxes (like `top`)'
complete -c firejail -l shutdown -d 'Show help and exit'
# Profiles
# Note: firejail's option parsing is weird and *requires* the --foo=bar form
# So we don't use -r
complete -c firejail -l profiles -d 'Load a custom security profile' -a '(__fish_firejail_profiles)'
# Sandboxes
complete -c firejail -l join -d 'Join existing sandbox' -a '(__fish_firejail_complete_sandboxes)'
# Files
complete -c firejail -l hosts-file -d 'Show help and exit' -a '(__fish_firejail_profiles)'
# directory
complete -c firejail -l chroot -d 'Chroot into this directory' -a '(__fish_complete_directories)'
complete -c firejail -l tmpfs -d 'Mount tmpfs into sandbox' -a '(__fish_complete_directories)'
complete -c firejail -l blacklist -d 'Blacklist dir or file' -F
complete -c firejail -l noblacklist -d 'Disable blacklist for dir or file' -F
complete -c firejail -l whitelist -d 'Whitelist dir or file' -F
complete -c firejail -l nowhitelist -d 'Disable whitelist for dir or file' -F
complete -c firejail -l read-only -d 'Set dir or file read-only' -F
complete -c firejail -l read-write -d 'Set dir or file read-write' -F
# TODO: Comma-separated ("/etc/foo,/usr/etc/foo" bind-mounts /etc/foo on /usr/etc/foo)
complete -c firejail -l bind -d 'Bind-mount file on top of another' -F
complete -c firejail -l private -d 'Mount temporary home directories and delete on exit' -F
complete -c firejail -l netfilter -d 'Enable firewall given by this file' -F
# Interfaces
complete -c firejail -l net -d 'Enable network namespace connected to this interface' -a '(__fish_print_interfaces)'
# Commands
complete -c firejail -a '(__fish_complete_subcommand)'