aboutsummaryrefslogtreecommitdiffstats
path: root/src/zsh_completion/_firejail.in
diff options
context:
space:
mode:
Diffstat (limited to 'src/zsh_completion/_firejail.in')
-rw-r--r--src/zsh_completion/_firejail.in14
1 files changed, 10 insertions, 4 deletions
diff --git a/src/zsh_completion/_firejail.in b/src/zsh_completion/_firejail.in
index fd27bb35f..f7cd3cdff 100644
--- a/src/zsh_completion/_firejail.in
+++ b/src/zsh_completion/_firejail.in
@@ -62,6 +62,9 @@ _firejail_args=(
62 '--tree[print a tree of all sandboxed processes]' 62 '--tree[print a tree of all sandboxed processes]'
63 '--version[print program version and exit]' 63 '--version[print program version and exit]'
64 64
65 '--ids-check[verify file system]'
66 '--ids-init[initialize IDS database]'
67
65 '--debug[print sandbox debug messages]' 68 '--debug[print sandbox debug messages]'
66 '--debug-blacklists[debug blacklisting]' 69 '--debug-blacklists[debug blacklisting]'
67 '--debug-caps[print all recognized capabilities]' 70 '--debug-caps[print all recognized capabilities]'
@@ -91,6 +94,7 @@ _firejail_args=(
91 '--cgroup=-[place the sandbox in the specified control group]: :' 94 '--cgroup=-[place the sandbox in the specified control group]: :'
92 '--cpu=-[set cpu affinity]: :->cpus' 95 '--cpu=-[set cpu affinity]: :->cpus'
93 "--deterministic-exit-code[always exit with first child's status code]" 96 "--deterministic-exit-code[always exit with first child's status code]"
97 '--deterministic-shutdown[terminate orphan processes]'
94 '*--dns=-[set DNS server]: :' 98 '*--dns=-[set DNS server]: :'
95 '*--env=-[set environment variable]: :' 99 '*--env=-[set environment variable]: :'
96 '--hostname=-[set sandbox hostname]: :' 100 '--hostname=-[set sandbox hostname]: :'
@@ -98,9 +102,11 @@ _firejail_args=(
98 '*--ignore=-[ignore command in profile files]: :' 102 '*--ignore=-[ignore command in profile files]: :'
99 '--ipc-namespace[enable a new IPC namespace]' 103 '--ipc-namespace[enable a new IPC namespace]'
100 '--join-or-start=-[join the sandbox or start a new one name|pid]: :_all_firejails' 104 '--join-or-start=-[join the sandbox or start a new one name|pid]: :_all_firejails'
105 '--keep-config-pulse[disable automatic ~/.config/pulse init]'
101 '--keep-dev-shm[/dev/shm directory is untouched (even with --private-dev)]' 106 '--keep-dev-shm[/dev/shm directory is untouched (even with --private-dev)]'
107 '--keep-fd[inherit open file descriptors to sandbox]'
102 '--keep-var-tmp[/var/tmp directory is untouched]' 108 '--keep-var-tmp[/var/tmp directory is untouched]'
103 '--machine-id[preserve /etc/machine-id]' 109 '--machine-id[spoof /etc/machine-id with a random id]'
104 '--memory-deny-write-execute[seccomp filter to block attempts to create memory mappings that are both writable and executable]' 110 '--memory-deny-write-execute[seccomp filter to block attempts to create memory mappings that are both writable and executable]'
105 '*--mkdir=-[create a directory]:' 111 '*--mkdir=-[create a directory]:'
106 '*--mkfile=-[create a file]:' 112 '*--mkfile=-[create a file]:'
@@ -116,7 +122,9 @@ _firejail_args=(
116 '--nodvd[disable DVD and audio CD devices]' 122 '--nodvd[disable DVD and audio CD devices]'
117 '*--noexec=-[remount the file or directory noexec nosuid and nodev]: :_files' 123 '*--noexec=-[remount the file or directory noexec nosuid and nodev]: :_files'
118 '--nogroups[disable supplementary groups]' 124 '--nogroups[disable supplementary groups]'
125 '--noinput[disable input devices]'
119 '--nonewprivs[sets the NO_NEW_PRIVS prctl]' 126 '--nonewprivs[sets the NO_NEW_PRIVS prctl]'
127 '--noprinters[disable printers]'
120 '--nosound[disable sound system]' 128 '--nosound[disable sound system]'
121 '--nou2f[disable U2F devices]' 129 '--nou2f[disable U2F devices]'
122 '--novideo[disable video devices]' 130 '--novideo[disable video devices]'
@@ -213,7 +221,7 @@ _firejail_args=(
213 '--netfilter.print=-[print the firewall name|pid]: :_all_firejails' 221 '--netfilter.print=-[print the firewall name|pid]: :_all_firejails'
214 '--netfilter6=-[enable IPv6 firewall]: :' 222 '--netfilter6=-[enable IPv6 firewall]: :'
215 '--netfilter6.print=-[print the IPv6 firewall name|pid]: :_all_firejails' 223 '--netfilter6.print=-[print the IPv6 firewall name|pid]: :_all_firejails'
216 '--netmask=-[define a network mask when dealing with unconfigured parrent interfaces]: :' 224 '--netmask=-[define a network mask when dealing with unconfigured parent interfaces]: :'
217 '--netns=-[Run the program in a named, persistent network namespace]: :' 225 '--netns=-[Run the program in a named, persistent network namespace]: :'
218 '--netstats[monitor network statistics]' 226 '--netstats[monitor network statistics]'
219 '--interface=-[move interface in sandbox]: :' 227 '--interface=-[move interface in sandbox]: :'
@@ -249,10 +257,8 @@ _firejail_args=(
249 '*--tmpfs=-[mount a tmpfs filesystem on directory dirname]: :_files -/' 257 '*--tmpfs=-[mount a tmpfs filesystem on directory dirname]: :_files -/'
250#endif 258#endif
251 259
252#ifdef HAVE_WHITELIST
253 '*--nowhitelist=-[disable whitelist for file or directory]: :_files' 260 '*--nowhitelist=-[disable whitelist for file or directory]: :_files'
254 '*--whitelist=-[whitelist directory or file]: :_files' 261 '*--whitelist=-[whitelist directory or file]: :_files'
255#endif
256 262
257#ifdef HAVE_X11 263#ifdef HAVE_X11
258 '--x11[enable X11 sandboxing. The software checks first if Xpra is installed, then it checks if Xephyr is installed. If all fails, it will attempt to use X11 security extension]' 264 '--x11[enable X11 sandboxing. The software checks first if Xpra is installed, then it checks if Xephyr is installed. If all fails, it will attempt to use X11 security extension]'
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-12 03:04:56 +0000