From 359e0dae2bded75eebf7fe3b3cf919e1dd44c333 Mon Sep 17 00:00:00 2001 From: dana Date: Wed, 11 Mar 2020 16:26:41 -0500 Subject: 45424: completion: Add **/sbin to PATH when completing commands like sudo * Update _command_names to add **/sbin to PATH when not otherwise overridden and _comp_priv_prefix is set. This ensures that, on systems where unprivileged users don't have **/sbin in their PATHs, we can still complete those commands when they try to run them with e.g. sudo * Update functions for privilege-gaining commands to use the aforementioned mechanism * Fix some other minor issues in _pfexec and _doas Changes from the posted diff: * Fix a minor redundancy in _doas * Add _c_p_p=( '' ) hack to _su --- Completion/Unix/Command/_doas | 21 +++++++++++---------- Completion/Unix/Command/_su | 6 ++++++ Completion/Unix/Command/_sudo | 14 +++++++++----- 3 files changed, 26 insertions(+), 15 deletions(-) (limited to 'Completion/Unix/Command') diff --git a/Completion/Unix/Command/_doas b/Completion/Unix/Command/_doas index 94395557c..3ef036a88 100644 --- a/Completion/Unix/Command/_doas +++ b/Completion/Unix/Command/_doas @@ -1,7 +1,8 @@ #compdef doas -local environ e cmd +local environ e cmd cpp local -a _comp_priv_prefix +local -A opt_args zstyle -a ":completion:${curcontext}:" environ environ @@ -10,13 +11,13 @@ do local -x "$e" done cmd="$words[1]" +cpp='_comp_priv_prefix=( $cmd -n ${(kv)opt_args[(I)-u]} )' _arguments -s -S -A '-*' : \ - - optL \ - '-L[clear any persisted authorizations]' \ - - default \ - '-a+[specify authentication style]:authentication style' \ - '(-n -s)-C+[check config file and report on command matching]:config:_files' \ - '(-C)-n[non-interactive: fail rather than prompt for a password]' \ - '(-C *)-s[run a shell]' \ - '-u+[run command as specified user]:user:_users' \ - '*::arguments:{ _comp_priv_prefix=( $cmd -n ${(kv)opt_args[-u]} ) ; _normal }' + '(: * -)-L[clear any persisted authorizations]' \ + '(-L)-a+[specify authentication style]:authentication style' \ + '(-L -n -s)-C+[check config file and report on command matching]:config:_files' \ + '(-C -L)-n[non-interactive: fail rather than prompt for a password]' \ + '(-C -L *)-s[run a shell]' \ + '(-L)-u+[run command as specified user]: :_users' \ + "(-)1: :{ $cpp; _command_names -e }" \ + "*:: :{ $cpp; _normal }" diff --git a/Completion/Unix/Command/_su b/Completion/Unix/Command/_su index 032f867f4..066f5c3b6 100644 --- a/Completion/Unix/Command/_su +++ b/Completion/Unix/Command/_su @@ -63,6 +63,12 @@ if (( $words[(i)-] < CURRENT )); then norm=2 fi +# This is set so that _command_names will understand that we're completing for +# a privileged command, but _call_program won't actually prepend anything to +# commands if gain-privileges is enabled (which would be undesirable here since +# su always prompts for a password). We delay setting it until this point so it +# doesn't cause issues for the check above +local -a _comp_priv_prefix=( '' ) _arguments $args ${(e)first} "*:shell arguments:= ->rest" && return usr=${${(Q)line[norm]}/--/root} diff --git a/Completion/Unix/Command/_sudo b/Completion/Unix/Command/_sudo index 41e32cbae..e3d12d72f 100644 --- a/Completion/Unix/Command/_sudo +++ b/Completion/Unix/Command/_sudo @@ -2,9 +2,9 @@ setopt localoptions extended_glob -local environ e cmd -local -a args -local -a _comp_priv_prefix +local environ e cmd cpp +local -a args _comp_priv_prefix +local -A opt_args zstyle -a ":completion:${curcontext}:" environ environ @@ -42,6 +42,10 @@ if [[ $service = sudoedit ]] || (( $words[(i)-e] < $words[(i)^(*sudo|-[^-]*)] )) args=( -A "-*" $args '!(-V --version -h --help)-e' '*:file:_files' ) else cmd="$words[1]" + cpp='_comp_priv_prefix=( + $cmd -n + ${(kv)opt_args[(I)(-[ugHEP]|--(user|group|set-home|preserve-env|preserve-groups))]} + )' args+=( '(-e --edit 1 *)'{-e,--edit}'[edit files instead of running a command]' \ '(-s --shell)'{-s,--shell}'[run shell as the target user; a command may also be specified]' \ @@ -51,8 +55,8 @@ else '(-E -i --login -s --shell -e --edit)--preserve-env=-[preserve user environment when running command]::environment variable:_sequence _parameters -g "*export*"' \ '(-H --set-home -i --login -s --shell -e --edit)'{-H,--set-home}"[set HOME variable to target user's home dir]" \ '(-P --preserve-groups -i -login -s --shell -e --edit)'{-P,--preserve-groups}"[preserve group vector instead of setting to target's]" \ - '(-)1:command: _command_names -e' - '*::arguments:{ _comp_priv_prefix=( $cmd -n ${(kv)opt_args[(I)(-[ugHEP]|--(user|group|set-home|preserve-env|preserve-groups))]} ) ; _normal }' + "(-)1: :{ $cpp; _command_names -e }" + "*:: :{ $cpp; _normal }" ) fi -- cgit 1.4.1