kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Improve bash completion for docker run --cap-{add,drop}

Browse source 
Docker has several capabilities enabled by default and some not.
It seems natural to follow this distinction in --cap-add and
--cap-drop.

Signed-off-by: Harald Albers <github@albersweb.de>
This commit is contained in:
Harald Albers 2017-01-18 16:01:36 +01:00
parent e1c5e72902
commit 36d8b66cb9
1 changed files with 33 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
contrib/completion/bash/docker
View file

@ -591,38 +591,25 @@ __docker_complete_local_interfaces() {
COMPREPLY=( $( compgen -W "$(__docker_local_interfaces) $additional_interface" -- "$cur" ) ) COMPREPLY=( $( compgen -W "$(__docker_local_interfaces) $additional_interface" -- "$cur" ) )
} }
__docker_complete_capabilities() { # __docker_complete_capabilities_addable completes Linux capabilities which are
# The list of capabilities is defined in types.go, ALL was added manually. # not granted by default and may be added.
# see https://docs.docker.com/engine/reference/run/#/runtime-privilege-and-linux-capabilities
__docker_complete_capabilities_addable() {
COMPREPLY=( $( compgen -W " COMPREPLY=( $( compgen -W "
ALL ALL
AUDIT_CONTROL AUDIT_CONTROL
AUDIT_WRITE
AUDIT_READ
BLOCK_SUSPEND BLOCK_SUSPEND
CHOWN
DAC_OVERRIDE
DAC_READ_SEARCH DAC_READ_SEARCH
FOWNER
FSETID
IPC_LOCK IPC_LOCK
IPC_OWNER IPC_OWNER
KILL
LEASE LEASE
LINUX_IMMUTABLE LINUX_IMMUTABLE
MAC_ADMIN MAC_ADMIN
MAC_OVERRIDE MAC_OVERRIDE
MKNOD
NET_ADMIN NET_ADMIN
NET_BIND_SERVICE
NET_BROADCAST NET_BROADCAST
NET_RAW
SETFCAP
SETGID
SETPCAP
SETUID
SYS_ADMIN SYS_ADMIN
SYS_BOOT SYS_BOOT
SYS_CHROOT
SYSLOG SYSLOG
SYS_MODULE SYS_MODULE
SYS_NICE SYS_NICE
@ -636,6 +623,29 @@ __docker_complete_capabilities() {
" -- "$cur" ) ) " -- "$cur" ) )
} }
# __docker_complete_capabilities_droppable completes Linux capability options which are
# allowed by default and can be dropped.
# see https://docs.docker.com/engine/reference/run/#/runtime-privilege-and-linux-capabilities
__docker_complete_capabilities_droppable() {
COMPREPLY=( $( compgen -W "
ALL
AUDIT_WRITE
CHOWN
DAC_OVERRIDE
FOWNER
FSETID
KILL
MKNOD
NET_BIND_SERVICE
NET_RAW
SETFCAP
SETGID
SETPCAP
SETUID
SYS_CHROOT
" -- "$cur" ) )
}
__docker_complete_detach-keys() { __docker_complete_detach-keys() {
case "$prev" in case "$prev" in
--detach-keys) --detach-keys)
@ -1442,8 +1452,12 @@ _docker_container_run() {
COMPREPLY=( $( compgen -W 'stdin stdout stderr' -- "$cur" ) ) COMPREPLY=( $( compgen -W 'stdin stdout stderr' -- "$cur" ) )
return return
;; ;;
--cap-add|--cap-drop) --cap-add)
__docker_complete_capabilities __docker_complete_capabilities_addable
return
;;
--cap-drop)
__docker_complete_capabilities_droppable
return return
;; ;;
--cidfile|--env-file|--label-file) --cidfile|--env-file|--label-file)