1# This file is part of systemd. 2# 3# Copyright 2012-2013 Dan Walsh 4# 5# systemd is free software; you can redistribute it and/or modify it 6# under the terms of the GNU General Public License as published by 7# the Free Software Foundation; either version 2 of the License, or 8# (at your option) any later version. 9# 10# systemd is distributed in the hope that it will be useful, but 11# WITHOUT ANY WARRANTY; without even the implied warranty of 12# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 13# General Public License for more details. 14# 15# You should have received a copy of the GNU General Public License 16# along with systemd; If not, see <http://www.gnu.org/licenses/>. 17 18__contains_word () { 19 local word=$1; shift 20 for w in $*; do [[ $w = $word ]] && return 0; done 21 return 1 22} 23 24__get_all_paths () { 25 dir -1 -F $* | grep '/' | cut -d'/' -f 1 26} 27__get_all_ftypes () { 28 echo '-- -d -c -b -s -l -p' 29} 30__get_all_networks () { 31 seinfo -u 2> /dev/null | tail -n +3 32} 33__get_all_booleans () { 34 getsebool -a 2> /dev/null 35} 36__get_all_types () { 37 seinfo -t 2> /dev/null | tail -n +3 38} 39__get_all_admin_interaces () { 40 awk '/InterfaceVector.*_admin /{ print $2 }' /var/lib/sepolgen/interface_info | awk -F '_admin' '{ print $1 }' 41} 42__get_all_user_role_interaces () { 43 awk '/InterfaceVector.*_role /{ print $2 }' /var/lib/sepolgen/interface_info | awk -F '_role' '{ print $1 }' 44} 45__get_all_user_domains () { 46 seinfo -auserdomain -x 2> /dev/null | tail -n +2 47} 48__get_all_users () { 49 seinfo -u 2> /dev/null | tail -n +2 50} 51__get_all_classes () { 52 seinfo -c 2> /dev/null | tail -n +2 53} 54__get_all_port_types () { 55 seinfo -aport_type -x 2> /dev/null | tail -n +2 56} 57__get_all_domain_types () { 58 seinfo -adomain -x 2> /dev/null | tail -n +2 59} 60__get_all_domains () { 61 seinfo -adomain -x 2>/dev/null | sed 's/_t$//g' 62} 63_sepolicy () { 64 local command=${COMP_WORDS[1]} 65 local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} 66 local verb comps 67 68 local -A VERBS=( 69 [BOOLEANS]='booleans' 70 [COMMUNICATE]='communicate' 71 [GENERATE]='generate' 72 [GUI]='gui' 73 [INTERFACE]='interface' 74 [MANPAGE]='manpage' 75 [NETWORK]='network' 76 [TRANSITION]='transition' 77 ) 78 79 COMMONOPTS='-P --policy -h --help' 80 local -A OPTS=( 81 [booleans]='-h --help -p --path -a -all -b --boolean' 82 [communicate]='-h --help -s --source -t --target -c --class -S --sourceaccess -T --targetaccess' 83 [generate]='-a --admin --admin_user --application --cgi --confined_admin --customize -d --domain --dbus --desktop_user -h --help --inetd --init -n --name --newtype -p --path --sandbox -T --test --term_user -u --user -w --writepath --x_user' 84 [gui]='-h --help' 85 [interface]='-h --help -a --list_admin -c --compile -i --interface -l --list -u --list_user -u --list_user -v --verbose' 86 [manpage]='-h --help -p --path -a -all -o --os -d --domain -w --web -r --root' 87 [network]='-h --help -d --domain -l --list -p --port -t --type ' 88 [transition]='-h --help -s --source -t --target' 89 ) 90 91 for ((i=0; $i <= $COMP_CWORD; i++)); do 92 if __contains_word "${COMP_WORDS[i]}" ${VERBS[*]} && 93 ! __contains_word "${COMP_WORDS[i-1]}" ${OPTS[ARG}]}; then 94 verb=${COMP_WORDS[i]} 95 break 96 fi 97 done 98 99 if [[ -z $verb ]]; then 100 if [ "$prev" = "-P" -o "$prev" = "--policy" ]; then 101 COMPREPLY=( $( compgen -f -- "$cur") ) 102 compopt -o filenames 103 return 0 104 else 105 comps="${VERBS[*]} ${COMMONOPTS}" 106 fi 107 elif [ "$verb" = "booleans" ]; then 108 if [ "$prev" = "-b" -o "$prev" = "--boolean" ]; then 109 COMPREPLY=( $(compgen -W "$( __get_all_booleans ) " -- "$cur") ) 110 return 0 111 fi 112 COMPREPLY=( $(compgen -W '${OPTS[$verb]}' -- "$cur") ) 113 return 0 114 elif [ "$verb" = "communicate" ]; then 115 if [ "$prev" = "-s" -o "$prev" = "--source" -o "$prev" = "-t" -o "$prev" = "--target" ]; then 116 COMPREPLY=( $(compgen -W "$( __get_all_domain_types ) " -- "$cur") ) 117 return 0 118 elif [ "$prev" = "-c" -o "$prev" = "--class" ]; then 119 COMPREPLY=( $(compgen -W "$( __get_all_classes ) " -- "$cur") ) 120 return 0 121 fi 122 COMPREPLY=( $(compgen -W '${OPTS[$verb]}' -- "$cur") ) 123 return 0 124 elif [ "$verb" = "generate" ]; then 125 if [ "$prev" = "--name" -o "$prev" = "-n" ]; then 126 return 0 127 elif test "$prev" = "-p" || test "$prev" = "--path" ; then 128 COMPREPLY=( $( compgen -d -- "$cur") ) 129 compopt -o filenames 130 return 0 131 elif test "$prev" = "-w" || test "$prev" = "--writepath" ; then 132 COMPREPLY=( $( compgen -d -- "$cur") ) 133 compopt -o filenames 134 return 0 135 elif [ "$prev" = "--domain" -o "$prev" = "-d" ]; then 136 COMPREPLY=( $(compgen -W "$( __get_all_domain_types ) " -- "$cur") ) 137 return 0 138 elif [ "$prev" = "--newtype" ]; then 139 COMPREPLY=( $(compgen -W "-n --name -t --type" -- "$cur") ) 140 return 0 141 elif [ "$prev" = "--admin" -o "$prev" = "-a" ]; then 142 COMPREPLY=( $(compgen -W "$( __get_all_admin_interaces ) " -- "$cur") ) 143 return 0 144 elif [ "$prev" = "--user" -o "$prev" = "-u" ]; then 145 COMPREPLY=( $(compgen -W "$( __get_all_users )" -- "$cur") ) 146 return 0 147 elif [[ "$cur" == "$verb" || "$cur" == "" || "$cur" == -* ]]; then 148 COMPREPLY=( $(compgen -W '${OPTS[$verb]}' -- "$cur") ) 149 return 0 150 fi 151 COMPREPLY=( $( compgen -f -- "$cur") ) 152 compopt -o filenames 153 return 0 154 elif [ "$verb" = "interface" ]; then 155 COMPREPLY=( $(compgen -W '${OPTS[$verb]}' -- "$cur") ) 156 return 0 157 elif [ "$verb" = "manpage" ]; then 158 if [ "$prev" = "-d" -o "$prev" = "--domain" ]; then 159 COMPREPLY=( $(compgen -W "$( __get_all_domains ) " -- "$cur") ) 160 return 0 161 elif test "$prev" = "-r" || test "$prev" = "--root" ; then 162 COMPREPLY=( $( compgen -d -- "$cur") ) 163 compopt -o filenames 164 return 0 165 elif [ "$prev" = "-o" -o "$prev" = "--os" ]; then 166 return 0 167 elif test "$prev" = "-p" || test "$prev" = "--path" ; then 168 COMPREPLY=( $( compgen -d -- "$cur") ) 169 compopt -o filenames 170 return 0 171 fi 172 COMPREPLY=( $(compgen -W '${OPTS[$verb]}' -- "$cur") ) 173 return 0 174 elif [ "$verb" = "network" ]; then 175 if [ "$prev" = "-t" -o "$prev" = "--type" ]; then 176 COMPREPLY=( $(compgen -W "$( __get_all_port_types )" -- "$cur") ) 177 return 0 178 fi 179 if [ "$prev" = "-d" -o "$prev" = "--domain" ]; then 180 COMPREPLY=( $(compgen -W "$( __get_all_domain_types )" -- "$cur") ) 181 return 0 182 fi 183 COMPREPLY=( $(compgen -W '${OPTS[$verb]}' -- "$cur") ) 184 return 0 185 elif [ "$verb" = "transition" ]; then 186 if [ "$prev" = "-s" -o "$prev" = "--source" -o "$prev" = "-t" -o "$prev" = "--target" ]; then 187 COMPREPLY=( $(compgen -W "$( __get_all_domain_types ) " -- "$cur") ) 188 return 0 189 fi 190 COMPREPLY=( $(compgen -W '${OPTS[$verb]}' -- "$cur") ) 191 return 0 192 fi 193 COMPREPLY=( $(compgen -W "$comps" -- "$cur") ) 194 return 0 195} 196complete -F _sepolicy sepolicy 197