fish-shell/share/completions/firejail.fish

function __fish_firejail_profiles
    path basename -- /etc/firejail/*.profile ~/.config/firejail/*.profile
end

function __fish_firejail_complete_sandboxes
    firejail --list | string replace -rf -- '([^:]+):([^:]+):([^:]+):(.*)' '$1\t$3: $4 ($2)\n$3\t$1: $4 ($2)'
end

complete -c firejail -f
complete -c firejail -l help -d 'Show help and exit'
complete -c firejail -l version -d 'Show version and exit'
complete -c firejail -l debug -d 'Print debug info'
complete -c firejail -l debug-blacklists -d 'Debug blacklisting'
complete -c firejail -l debug-whitelists -d 'Debug whitelisting'
complete -c firejail -l debug-caps -d 'Print known capabilities and exit'
complete -c firejail -l debug-errnos -d 'Print known error numbers and exit'
complete -c firejail -l debug-private-lib -d 'Debug --private-lib'
complete -c firejail -l debug-protocols -d 'Print known protocols and exit'
complete -c firejail -l debug-syscalls -d 'Print known syscalls and exit'
complete -c firejail -l debug-syscalls32 -d 'Print known 32-bit syscalls and exit'
complete -c firejail -l list -d 'List all sandboxes'
complete -c firejail -l tree -d 'Print a tree of all sandboxes'
complete -c firejail -l top -d 'Monitor sandboxes (like `top`)'
complete -c firejail -l shutdown -d 'Show help and exit'

# Profiles
# Note: firejail's option parsing is weird and *requires* the --foo=bar form
# So we don't use -r
complete -c firejail -l profiles -d 'Load a custom security profile' -a '(__fish_firejail_profiles)'

# Sandboxes
complete -c firejail -l join -d 'Join existing sandbox' -a '(__fish_firejail_complete_sandboxes)'

# Files
complete -c firejail -l hosts-file -d 'Show help and exit' -a '(__fish_firejail_profiles)'

# directory
complete -c firejail -l chroot -d 'Chroot into this directory' -a '(__fish_complete_directories)'
complete -c firejail -l tmpfs -d 'Mount tmpfs into sandbox' -a '(__fish_complete_directories)'
complete -c firejail -l blacklist -d 'Blacklist dir or file' -F
complete -c firejail -l noblacklist -d 'Disable blacklist for dir or file' -F
complete -c firejail -l whitelist -d 'Whitelist dir or file' -F
complete -c firejail -l nowhitelist -d 'Disable whitelist for dir or file' -F
complete -c firejail -l read-only -d 'Set dir or file read-only' -F
complete -c firejail -l read-write -d 'Set dir or file read-write' -F
# TODO: Comma-separated ("/etc/foo,/usr/etc/foo" bind-mounts /etc/foo on /usr/etc/foo)
complete -c firejail -l bind -d 'Bind-mount file on top of another' -F
complete -c firejail -l private -d 'Mount temporary home directories and delete on exit' -F
complete -c firejail -l netfilter -d 'Enable firewall given by this file' -F

# Interfaces
complete -c firejail -l net -d 'Enable network namespace connected to this interface' -a '(__fish_print_interfaces)'

# Commands
complete -c firejail -a '(__fish_complete_subcommand)'
Add basic completions for firejail These are pretty basic, but get us roughly up to the level of the official completions (that are also incomplete and offer disabled options). Fixes #10858 2024-11-18 23:16:07 +08:00			`function __fish_firejail_profiles`
			`path basename -- /etc/firejail/.profile ~/.config/firejail/.profile`
			`end`

			`function __fish_firejail_complete_sandboxes`
			`firejail --list \| string replace -rf -- '([^:]+):([^:]+):([^:]+):(.*)' '$1\t$3: $4 ($2)\n$3\t$1: $4 ($2)'`
			`end`

			`complete -c firejail -f`
			`complete -c firejail -l help -d 'Show help and exit'`
			`complete -c firejail -l version -d 'Show version and exit'`
			`complete -c firejail -l debug -d 'Print debug info'`
			`complete -c firejail -l debug-blacklists -d 'Debug blacklisting'`
			`complete -c firejail -l debug-whitelists -d 'Debug whitelisting'`
			`complete -c firejail -l debug-caps -d 'Print known capabilities and exit'`
			`complete -c firejail -l debug-errnos -d 'Print known error numbers and exit'`
			`complete -c firejail -l debug-private-lib -d 'Debug --private-lib'`
			`complete -c firejail -l debug-protocols -d 'Print known protocols and exit'`
			`complete -c firejail -l debug-syscalls -d 'Print known syscalls and exit'`
			`complete -c firejail -l debug-syscalls32 -d 'Print known 32-bit syscalls and exit'`
			`complete -c firejail -l list -d 'List all sandboxes'`
			`complete -c firejail -l tree -d 'Print a tree of all sandboxes'`
			complete -c firejail -l top -d 'Monitor sandboxes (like `top`)'
			`complete -c firejail -l shutdown -d 'Show help and exit'`

			`# Profiles`
			`# Note: firejail's option parsing is weird and requires the --foo=bar form`
			`# So we don't use -r`
			`complete -c firejail -l profiles -d 'Load a custom security profile' -a '(__fish_firejail_profiles)'`

			`# Sandboxes`
			`complete -c firejail -l join -d 'Join existing sandbox' -a '(__fish_firejail_complete_sandboxes)'`

			`# Files`
			`complete -c firejail -l hosts-file -d 'Show help and exit' -a '(__fish_firejail_profiles)'`

			`# directory`
			`complete -c firejail -l chroot -d 'Chroot into this directory' -a '(__fish_complete_directories)'`
			`complete -c firejail -l tmpfs -d 'Mount tmpfs into sandbox' -a '(__fish_complete_directories)'`
			`complete -c firejail -l blacklist -d 'Blacklist dir or file' -F`
			`complete -c firejail -l noblacklist -d 'Disable blacklist for dir or file' -F`
			`complete -c firejail -l whitelist -d 'Whitelist dir or file' -F`
			`complete -c firejail -l nowhitelist -d 'Disable whitelist for dir or file' -F`
			`complete -c firejail -l read-only -d 'Set dir or file read-only' -F`
			`complete -c firejail -l read-write -d 'Set dir or file read-write' -F`
			`# TODO: Comma-separated ("/etc/foo,/usr/etc/foo" bind-mounts /etc/foo on /usr/etc/foo)`
			`complete -c firejail -l bind -d 'Bind-mount file on top of another' -F`
			`complete -c firejail -l private -d 'Mount temporary home directories and delete on exit' -F`
			`complete -c firejail -l netfilter -d 'Enable firewall given by this file' -F`

			`# Interfaces`
			`complete -c firejail -l net -d 'Enable network namespace connected to this interface' -a '(__fish_print_interfaces)'`

			`# Commands`
			`complete -c firejail -a '(__fish_complete_subcommand)'`