mirror of https://github.com/docker/cli.git
Improve bash completion for `docker run --cap-{add,drop}`
Docker has several capabilities enabled by default and some not. It seems natural to follow this distinction in --cap-add and --cap-drop. Signed-off-by: Harald Albers <github@albersweb.de>
This commit is contained in:
parent
6e6d6edd08
commit
75d90a8a18
|
@ -591,38 +591,25 @@ __docker_complete_local_interfaces() {
|
||||||
COMPREPLY=( $( compgen -W "$(__docker_local_interfaces) $additional_interface" -- "$cur" ) )
|
COMPREPLY=( $( compgen -W "$(__docker_local_interfaces) $additional_interface" -- "$cur" ) )
|
||||||
}
|
}
|
||||||
|
|
||||||
__docker_complete_capabilities() {
|
# __docker_complete_capabilities_addable completes Linux capabilities which are
|
||||||
# The list of capabilities is defined in types.go, ALL was added manually.
|
# not granted by default and may be added.
|
||||||
|
# see https://docs.docker.com/engine/reference/run/#/runtime-privilege-and-linux-capabilities
|
||||||
|
__docker_complete_capabilities_addable() {
|
||||||
COMPREPLY=( $( compgen -W "
|
COMPREPLY=( $( compgen -W "
|
||||||
ALL
|
ALL
|
||||||
AUDIT_CONTROL
|
AUDIT_CONTROL
|
||||||
AUDIT_WRITE
|
|
||||||
AUDIT_READ
|
|
||||||
BLOCK_SUSPEND
|
BLOCK_SUSPEND
|
||||||
CHOWN
|
|
||||||
DAC_OVERRIDE
|
|
||||||
DAC_READ_SEARCH
|
DAC_READ_SEARCH
|
||||||
FOWNER
|
|
||||||
FSETID
|
|
||||||
IPC_LOCK
|
IPC_LOCK
|
||||||
IPC_OWNER
|
IPC_OWNER
|
||||||
KILL
|
|
||||||
LEASE
|
LEASE
|
||||||
LINUX_IMMUTABLE
|
LINUX_IMMUTABLE
|
||||||
MAC_ADMIN
|
MAC_ADMIN
|
||||||
MAC_OVERRIDE
|
MAC_OVERRIDE
|
||||||
MKNOD
|
|
||||||
NET_ADMIN
|
NET_ADMIN
|
||||||
NET_BIND_SERVICE
|
|
||||||
NET_BROADCAST
|
NET_BROADCAST
|
||||||
NET_RAW
|
|
||||||
SETFCAP
|
|
||||||
SETGID
|
|
||||||
SETPCAP
|
|
||||||
SETUID
|
|
||||||
SYS_ADMIN
|
SYS_ADMIN
|
||||||
SYS_BOOT
|
SYS_BOOT
|
||||||
SYS_CHROOT
|
|
||||||
SYSLOG
|
SYSLOG
|
||||||
SYS_MODULE
|
SYS_MODULE
|
||||||
SYS_NICE
|
SYS_NICE
|
||||||
|
@ -636,6 +623,29 @@ __docker_complete_capabilities() {
|
||||||
" -- "$cur" ) )
|
" -- "$cur" ) )
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# __docker_complete_capabilities_droppable completes Linux capability options which are
|
||||||
|
# allowed by default and can be dropped.
|
||||||
|
# see https://docs.docker.com/engine/reference/run/#/runtime-privilege-and-linux-capabilities
|
||||||
|
__docker_complete_capabilities_droppable() {
|
||||||
|
COMPREPLY=( $( compgen -W "
|
||||||
|
ALL
|
||||||
|
AUDIT_WRITE
|
||||||
|
CHOWN
|
||||||
|
DAC_OVERRIDE
|
||||||
|
FOWNER
|
||||||
|
FSETID
|
||||||
|
KILL
|
||||||
|
MKNOD
|
||||||
|
NET_BIND_SERVICE
|
||||||
|
NET_RAW
|
||||||
|
SETFCAP
|
||||||
|
SETGID
|
||||||
|
SETPCAP
|
||||||
|
SETUID
|
||||||
|
SYS_CHROOT
|
||||||
|
" -- "$cur" ) )
|
||||||
|
}
|
||||||
|
|
||||||
__docker_complete_detach-keys() {
|
__docker_complete_detach-keys() {
|
||||||
case "$prev" in
|
case "$prev" in
|
||||||
--detach-keys)
|
--detach-keys)
|
||||||
|
@ -1443,8 +1453,12 @@ _docker_container_run() {
|
||||||
COMPREPLY=( $( compgen -W 'stdin stdout stderr' -- "$cur" ) )
|
COMPREPLY=( $( compgen -W 'stdin stdout stderr' -- "$cur" ) )
|
||||||
return
|
return
|
||||||
;;
|
;;
|
||||||
--cap-add|--cap-drop)
|
--cap-add)
|
||||||
__docker_complete_capabilities
|
__docker_complete_capabilities_addable
|
||||||
|
return
|
||||||
|
;;
|
||||||
|
--cap-drop)
|
||||||
|
__docker_complete_capabilities_droppable
|
||||||
return
|
return
|
||||||
;;
|
;;
|
||||||
--cidfile|--env-file|--label-file)
|
--cidfile|--env-file|--label-file)
|
||||||
|
|
Loading…
Reference in New Issue