-
Notifications
You must be signed in to change notification settings - Fork 1.9k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
cli/command/container: add completion for --cap-add, --cap-drop
With this patch: docker run --cap-add <TAB> ALL CAP_KILL CAP_SETUID CAP_AUDIT_CONTROL CAP_LEASE CAP_SYSLOG CAP_AUDIT_READ CAP_LINUX_IMMUTABLE CAP_SYS_ADMIN CAP_AUDIT_WRITE CAP_MAC_ADMIN CAP_SYS_BOOT CAP_BLOCK_SUSPEND CAP_MAC_OVERRIDE CAP_SYS_CHROOT CAP_BPF CAP_MKNOD CAP_SYS_MODULE CAP_CHECKPOINT_RESTORE CAP_NET_ADMIN CAP_SYS_NICE CAP_CHOWN CAP_NET_BIND_SERVICE CAP_SYS_PACCT CAP_DAC_OVERRIDE CAP_NET_BROADCAST CAP_SYS_PTRACE CAP_DAC_READ_SEARCH CAP_NET_RAW CAP_SYS_RAWIO CAP_FOWNER CAP_PERFMON CAP_SYS_RESOURCE CAP_FSETID CAP_SETFCAP CAP_SYS_TIME CAP_IPC_LOCK CAP_SETGID CAP_SYS_TTY_CONFIG CAP_IPC_OWNER CAP_SETPCAP CAP_WAKE_ALARM Signed-off-by: Sebastiaan van Stijn <[email protected]>
- Loading branch information
Showing
3 changed files
with
73 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
package container | ||
|
||
import ( | ||
"github.com/docker/cli/cli/command/completion" | ||
"github.com/spf13/cobra" | ||
) | ||
|
||
// allLinuxCapabilities is a list of all known Linux capabilities. | ||
// | ||
// This list was based on the containerd pkg/cap package; | ||
// https://github.com/containerd/containerd/blob/v1.7.19/pkg/cap/cap_linux.go#L133-L181 | ||
// | ||
// TODO(thaJeztah): add descriptions, and enable descriptions for our completion scripts (cobra.CompletionOptions.DisableDescriptions is currently set to "true") | ||
var allLinuxCapabilities = []string{ | ||
"ALL", // magic value for "all capabilities" | ||
|
||
// caps35 is the caps of kernel 3.5 (37 entries) | ||
"CAP_CHOWN", // 2.2 | ||
"CAP_DAC_OVERRIDE", // 2.2 | ||
"CAP_DAC_READ_SEARCH", // 2.2 | ||
"CAP_FOWNER", // 2.2 | ||
"CAP_FSETID", // 2.2 | ||
"CAP_KILL", // 2.2 | ||
"CAP_SETGID", // 2.2 | ||
"CAP_SETUID", // 2.2 | ||
"CAP_SETPCAP", // 2.2 | ||
"CAP_LINUX_IMMUTABLE", // 2.2 | ||
"CAP_NET_BIND_SERVICE", // 2.2 | ||
"CAP_NET_BROADCAST", // 2.2 | ||
"CAP_NET_ADMIN", // 2.2 | ||
"CAP_NET_RAW", // 2.2 | ||
"CAP_IPC_LOCK", // 2.2 | ||
"CAP_IPC_OWNER", // 2.2 | ||
"CAP_SYS_MODULE", // 2.2 | ||
"CAP_SYS_RAWIO", // 2.2 | ||
"CAP_SYS_CHROOT", // 2.2 | ||
"CAP_SYS_PTRACE", // 2.2 | ||
"CAP_SYS_PACCT", // 2.2 | ||
"CAP_SYS_ADMIN", // 2.2 | ||
"CAP_SYS_BOOT", // 2.2 | ||
"CAP_SYS_NICE", // 2.2 | ||
"CAP_SYS_RESOURCE", // 2.2 | ||
"CAP_SYS_TIME", // 2.2 | ||
"CAP_SYS_TTY_CONFIG", // 2.2 | ||
"CAP_MKNOD", // 2.4 | ||
"CAP_LEASE", // 2.4 | ||
"CAP_AUDIT_WRITE", // 2.6.11 | ||
"CAP_AUDIT_CONTROL", // 2.6.11 | ||
"CAP_SETFCAP", // 2.6.24 | ||
"CAP_MAC_OVERRIDE", // 2.6.25 | ||
"CAP_MAC_ADMIN", // 2.6.25 | ||
"CAP_SYSLOG", // 2.6.37 | ||
"CAP_WAKE_ALARM", // 3.0 | ||
"CAP_BLOCK_SUSPEND", // 3.5 | ||
|
||
// caps316 is the caps of kernel 3.16 (38 entries) | ||
"CAP_AUDIT_READ", | ||
|
||
// caps58 is the caps of kernel 5.8 (40 entries) | ||
"CAP_PERFMON", | ||
"CAP_BPF", | ||
|
||
// caps59 is the caps of kernel 5.9 (41 entries) | ||
"CAP_CHECKPOINT_RESTORE", | ||
} | ||
|
||
func completeLinuxCapabilityNames(cmd *cobra.Command, args []string, toComplete string) (names []string, _ cobra.ShellCompDirective) { | ||
return completion.FromList(allLinuxCapabilities...)(cmd, args, toComplete) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters