diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-01-23 17:35:51 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-01-28 00:05:54 -0300 |
commit | aad1351ab111372232cbdd249a12a194b9884f7b (patch) | |
tree | 478cc8771c175da9540069efa7f4f6c5130ed415 /contrib/syntax/files/firejail.vim.in | |
parent | build: auto-generate syntax lists (diff) | |
download | firejail-aad1351ab111372232cbdd249a12a194b9884f7b.tar.gz firejail-aad1351ab111372232cbdd249a12a194b9884f7b.tar.zst firejail-aad1351ab111372232cbdd249a12a194b9884f7b.zip |
build: auto-generate syntax files
Changes:
* Generate firejail.vim from firejail.vim.in
* Generate firejail-profile.lang from firejail-profile.lang.in
* Update the manual syntax file steps on the new command checklist on
CONTRIBUTING.md to use `make syntax` instead
Relates to #2679 #5502 #5577 #5612.
Diffstat (limited to 'contrib/syntax/files/firejail.vim.in')
-rw-r--r-- | contrib/syntax/files/firejail.vim.in | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/contrib/syntax/files/firejail.vim.in b/contrib/syntax/files/firejail.vim.in new file mode 100644 index 000000000..ec6b29e4f --- /dev/null +++ b/contrib/syntax/files/firejail.vim.in | |||
@@ -0,0 +1,99 @@ | |||
1 | " @make_input@ | ||
2 | " Vim syntax file | ||
3 | " Language: Firejail security sandbox profile | ||
4 | " URL: https://github.com/netblue30/firejail | ||
5 | |||
6 | if exists("b:current_syntax") | ||
7 | finish | ||
8 | endif | ||
9 | |||
10 | |||
11 | syn iskeyword @,48-57,_,.,- | ||
12 | |||
13 | |||
14 | syn keyword fjTodo TODO FIXME XXX NOTE contained | ||
15 | syn match fjComment "#.*$" contains=fjTodo | ||
16 | |||
17 | "TODO: highlight "dangerous" capabilities differently, as is done in apparmor.vim? | ||
18 | syn keyword fjCapability audit_control audit_read audit_write block_suspend chown dac_override dac_read_search fowner fsetid ipc_lock ipc_owner kill lease linux_immutable mac_admin mac_override mknod net_admin net_bind_service net_broadcast net_raw setgid setfcap setpcap setuid sys_admin sys_boot sys_chroot sys_module sys_nice sys_pacct sys_ptrace sys_rawio sys_resource sys_time sys_tty_config syslog wake_alarm nextgroup=fjCapabilityList contained | ||
19 | syn match fjCapabilityList /,/ nextgroup=fjCapability contained | ||
20 | |||
21 | syn keyword fjNamespaces cgroup ipc net mnt pid time user uts nextgroup=fjNamespacesList contained | ||
22 | syn match fjNamespacesList /,/ nextgroup=fjNamespaces contained | ||
23 | |||
24 | syn keyword fjProtocol unix inet inet6 netlink packet nextgroup=fjProtocolList contained | ||
25 | syn match fjProtocolList /,/ nextgroup=fjProtocol contained | ||
26 | |||
27 | " Syscalls (auto-generated) | ||
28 | syn keyword fjSyscall @FJ_SYSCALLS@ nextgroup=fjSyscallErrno contained | ||
29 | " Syscall groups (auto-generated) | ||
30 | syn match fjSyscall /\v\@(@FJ_SYSCALL_GROUPS@)>/ nextgroup=fjSyscallErrno contained | ||
31 | syn match fjSyscall /\$[0-9]\+/ nextgroup=fjSyscallErrno contained | ||
32 | " Errnos (auto-generated) | ||
33 | syn match fjSyscallErrno /\v(:(@FJ_SYSTEM_ERRNOS@)>)?/ nextgroup=fjSyscallList contained | ||
34 | syn match fjSyscallList /,/ nextgroup=fjSyscall contained | ||
35 | |||
36 | syn keyword fjX11Sandbox none xephyr xorg xpra xvfb contained | ||
37 | syn keyword fjSeccompAction kill log ERRNO contained | ||
38 | |||
39 | syn match fjEnvVar "[A-Za-z0-9_]\+=" contained | ||
40 | syn match fjRmenvVar "[A-Za-z0-9_]\+" contained | ||
41 | |||
42 | syn keyword fjAll all contained | ||
43 | syn keyword fjNone none contained | ||
44 | syn keyword fjLo lo contained | ||
45 | syn keyword fjFilter filter contained | ||
46 | |||
47 | " Variable names (auto-generated) | ||
48 | syn match fjVar /\v\$\{(@FJ_PROFILE_MACROS@)}/ | ||
49 | |||
50 | " Profile commands with 1 argument (auto-generated) | ||
51 | syn match fjCommand /\v(@FJ_PROFILE_COMMANDS_ARG1@) / skipwhite contained | ||
52 | " Profile commands with 0 arguments (auto-generated) | ||
53 | syn match fjCommand /\v(@FJ_PROFILE_COMMANDS_ARG0@)$/ contained | ||
54 | syn match fjCommand /ignore / nextgroup=fjCommand,fjCommandNoCond skipwhite contained | ||
55 | syn match fjCommand /caps\.drop / nextgroup=fjCapability,fjAll skipwhite contained | ||
56 | syn match fjCommand /caps\.keep / nextgroup=fjCapability skipwhite contained | ||
57 | syn match fjCommand /protocol / nextgroup=fjProtocol skipwhite contained | ||
58 | syn match fjCommand /restrict-namespaces / nextgroup=fjNamespaces skipwhite contained | ||
59 | syn match fjCommand /\vseccomp(\.32)?(\.drop|\.keep)? / nextgroup=fjSyscall skipwhite contained | ||
60 | syn match fjCommand /x11 / nextgroup=fjX11Sandbox skipwhite contained | ||
61 | syn match fjCommand /env / nextgroup=fjEnvVar skipwhite contained | ||
62 | syn match fjCommand /rmenv / nextgroup=fjRmenvVar skipwhite contained | ||
63 | syn match fjCommand /shell / nextgroup=fjNone skipwhite contained | ||
64 | syn match fjCommand /net / nextgroup=fjNone,fjLo skipwhite contained | ||
65 | syn match fjCommand /ip / nextgroup=fjNone skipwhite contained | ||
66 | syn match fjCommand /seccomp-error-action / nextgroup=fjSeccompAction skipwhite contained | ||
67 | syn match fjCommand /\vdbus-(user|system) / nextgroup=fjFilter,fjNone skipwhite contained | ||
68 | syn match fjCommand /\vdbus-(user|system)\.(broadcast|call|own|see|talk) / skipwhite contained | ||
69 | " Commands that can't be inside a ?CONDITIONAL: statement | ||
70 | syn match fjCommandNoCond /include / skipwhite contained | ||
71 | syn match fjCommandNoCond /quiet$/ contained | ||
72 | |||
73 | " Conditionals (auto-generated) | ||
74 | syn match fjConditional /\v\?(@FJ_PROFILE_CONDITIONALS@) ?:/ nextgroup=fjCommand skipwhite contained | ||
75 | |||
76 | " A line is either a command, a conditional or a comment | ||
77 | syn match fjStatement /^/ nextgroup=fjCommand,fjCommandNoCond,fjConditional,fjComment | ||
78 | |||
79 | hi def link fjTodo Todo | ||
80 | hi def link fjComment Comment | ||
81 | hi def link fjCommand Statement | ||
82 | hi def link fjCommandNoCond Statement | ||
83 | hi def link fjConditional Macro | ||
84 | hi def link fjVar Identifier | ||
85 | hi def link fjCapability Type | ||
86 | hi def link fjProtocol Type | ||
87 | hi def link fjSyscall Type | ||
88 | hi def link fjSyscallErrno Constant | ||
89 | hi def link fjX11Sandbox Type | ||
90 | hi def link fjEnvVar Type | ||
91 | hi def link fjRmenvVar Type | ||
92 | hi def link fjAll Type | ||
93 | hi def link fjNone Type | ||
94 | hi def link fjLo Type | ||
95 | hi def link fjFilter Type | ||
96 | hi def link fjSeccompAction Type | ||
97 | |||
98 | |||
99 | let b:current_syntax = "firejail" | ||