--tab: enable shell tab completion

2026-05-22 22:01:18 -06:00 · 2022-02-20 08:05:33 -05:00 · 2022-02-20 08:05:33 -05:00 · e6c50240f9
commit e6c50240f9
parent e697a78fc9
11 changed files with 80 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -213,6 +213,14 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe

 Milestone page: https://github.com/netblue30/firejail/milestone/1

+### Shell tab completion
+```
+       --tab  Enable bash completion in sandboxes using private or whitelisted
+              home directories.
+
+              $ firejail --private --tab
+```
+
 ### Profile Statistics

 A small tool to print profile statistics. Compile and install as usual. The tool is installed in /usr/lib/firejail directory.
@ -251,3 +259,4 @@ Stats:

 ### New profiles:

+onionshare, onionshare-cli
--- a/1
+++ b/1
@ -4,6 +4,7 @@ firejail (0.9.69) baseline; urgency=low
  * bugfix: nogroups + wrc prints confusing messages (#4930 #4933)
  * ci: replace centos (EOL) with almalinux (#4912)
  * docs: Refer to firejail.config in configuration files (#4916)
+  * new profiles: onionshare, onionshare-cli
 -- netblue30 <netblue30@yahoo.com>  Mon, 7 Feb 2022 09:00:00 -0500

 firejail (0.9.68) baseline; urgency=low
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@ -365,6 +365,7 @@ extern DbusPolicy arg_dbus_system; // --dbus-system
 extern int arg_dbus_log_user;
 extern int arg_dbus_log_system;
 extern const char *arg_dbus_log_file;
+extern int arg_tab;

 extern int login_shell;
 extern int parent_to_child_fds[2];
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@ -34,8 +34,10 @@
 #endif

 static void disable_tab_completion(const char *homedir) {
-	char *fname;
+	if (arg_tab)
+		return;

+	char *fname;
 	if (asprintf(&fname, "%s/.inputrc", homedir) == -1)
 		errExit("asprintf");

--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@ -155,6 +155,7 @@ DbusPolicy arg_dbus_system = DBUS_POLICY_ALLOW;	// --dbus-system
 const char *arg_dbus_log_file = NULL;
 int arg_dbus_log_user = 0;
 int arg_dbus_log_system = 0;
+int arg_tab = 0;
 int login_shell = 0;

 int parent_to_child_fds[2];
@ -2798,6 +2799,8 @@ int main(int argc, char **argv, char **envp) {
 		else if (strcmp(argv[i], "--deterministic-shutdown") == 0) {
 			arg_deterministic_shutdown = 1;
 		}
+		else if (strcmp(argv[i], "--tab") == 0)
+			arg_tab = 1;
 		else {
 			// double dash - positional params to follow
 			if (strcmp(argv[i], "--") == 0) {
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@ -389,6 +389,10 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
 #endif
 		return 0;
 	}
+	else if (strcmp(ptr, "tab") == 0) {
+		arg_tab = 1;
+		return 0;
+	}
 	else if (strcmp(ptr, "private-cwd") == 0) {
 		cfg.cwd = NULL;
 		arg_private_cwd = 1;
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@ -245,6 +245,8 @@ static char *usage_str =
 	"    --shell=none - run the program directly without a user shell.\n"
 	"    --shell=program - set default user shell.\n"
 	"    --shutdown=name|pid - shutdown the sandbox identified by name or PID.\n"
+	"    --tab - enable shell tab completion in sandboxes using private or\n"
+	"\twhitelisted home directories.\n"
 	"    --timeout=hh:mm:ss - kill the sandbox automatically after the time\n"
 	"\thas elapsed.\n"
 	"    --tmpfs=dirname - mount a tmpfs filesystem on directory dirname.\n"
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@ -2683,6 +2683,13 @@ $ firejail \-\-list
 .br
 $ firejail \-\-shutdown=3272
 .TP
+\fB\-\-tab
+Enable bash completion in sandboxes using private or whitelisted home directories.
+.br
+
+.br
+$ firejail \-\-private --tab
+.TP
 \fB\-\-timeout=hh:mm:ss
 Kill the sandbox automatically after the time has elapsed. The time is specified in hours/minutes/seconds format.
 .br
--- a/test/fs/fs.sh
+++ b/test/fs/fs.sh
@ -10,6 +10,9 @@ export LC_ALL=C
 # These directories are required by some tests:
 mkdir -p ~/Desktop ~/Documents ~/Downloads ~/Music ~/Pictures ~/Videos

+echo "TESTING: tab completion (test/fs/tab.exp)"
+./tab.exp
+
 rm -fr ~/_firejail_test_*
 echo "TESTING: mkdir/mkfile (test/fs/mkdir_mkfile.exp)"
 ./mkdir_mkfile.exp
--- a/test/fs/tab.exp
+++ b/test/fs/tab.exp
@ -0,0 +1,46 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2022 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+
+send -- "firejail --private ls -al\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+}
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	".inputrc"
+}
+sleep 1
+
+send -- "firejail --private --tab ls -al\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+}
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	".inputrc" {puts "TESTING ERROR 4\n";exit}
+	"Parent is shutting down"
+}
+sleep 1
+
+send -- "firejail --private --profile=tab.profile ls -al\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+}
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	".inputrc" {puts "TESTING ERROR 7\n";exit}
+	"Parent is shutting down"
+}
+sleep 1
+
+puts "\nall done\n"
--- a/test/fs/tab.profile
+++ b/test/fs/tab.profile
@ -0,0 +1 @@
+tab