_systemd-nspawn revision 4433c995c77b66f42fe4a238aff6b53706628a2e
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas#compdef systemd-nspawn
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas_nspawn-caps(){
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas local -a _caps
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas _caps=( CAP_CHOWN CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas CAP_FOWNER CAP_FSETID CAP_IPC_OWNER CAP_KILL CAP_LEASE CAP_LINUX_IMMUTABLE
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SETGID CAP_SETFCAP CAP_SETPCAP
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas CAP_SETUID CAP_SYS_ADMIN CAP_SYS_CHROOT CAP_SYS_NICE CAP_SYS_PTRACE CAP_SYS_TTY_CONFIG
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas CAP_SYS_RESOURCE CAP_SYS_BOOT )
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas _values -s , 'capabilities' "$_caps[@]"
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas {-h,--help}'[Show this help]' \
862f4963c6f7778cea9e715eeb11ea959eba6db3William Giokas {--directory=,-D+}'[Directory to use as file system root for the namespace container. If omitted the current directory will be used.]:directories:_directories' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack {--image=,-i+}'[Disk image to mount the root directory for the container from.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack {--boot=,-b+}'[Automatically search for an init binary and invoke it instead of a shell or a user supplied program.]' \
862f4963c6f7778cea9e715eeb11ea959eba6db3William Giokas {--user=,-u+}'[Run the command under specified user, create home directory and cd into it.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack {--machine=,-M+}'[Sets the machine name for this container.]' \
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas '--uuid=[Set the specified uuid for the container.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--slice=[Make the container part of the specified slice, instead of the default machine.slice.]' \
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas '--private-network[Turn off networking in the container. This makes all network interfaces unavailable in the container, with the exception of the loopback device.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--private-network[Disconnect networking of the container from the host.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--network-interface=[Assign the specified network interface to the container.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--network-macvlan=[Create a "macvlan" interface of the specified Ethernet network interface and add it to the container.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--network-veth[Create a virtual Ethernet link (veth) between host and container.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--network-bridge=[Adds the host side of the Ethernet link created with --network-veth to the specified bridge.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack {--selinux-context=,-Z+}'[Sets the SELinux security context to be used to label processes in the container.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack {--selinux-apifs-context=,-L+}'[Sets the SELinux security context to be used to label files in the virtual API file systems in the container.]' \
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas '--capability=[List one or more additional capabilities to grant the container.]:capabilities:_nspawn-caps' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--drop-capability=[Specify one or more additional capabilities to drop for the container]' \
30fd4d1eb13a200ebcc852d3ce28f3cb30197957William Giokas "--link-journal=[Control whether the container's journal shall be made visible to the host system.]:options:(no, host, guest, auto)" \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '-j[Equivalent to --link-journal=guest.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--read-only[Mount the root file system read only for the container.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--bind=[Bind mount a file or directory from the host into the container.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--bind-ro=[Bind mount a file or directory from the host into the container (read-only).]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--setenv=[Specifies an environment variable assignment to pass to the init process in the container, in the format "NAME=VALUE".]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--share-system[Allows the container to share certain system facilities with the host.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--register=[Controls whether the container is registered with systemd-machined(8).]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--keep-unit[Instead of creating a transient scope unit to run the container in, simply register the service or scope unit systemd-nspawn has been invoked in with systemd-machined(8).]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--personality=[Control the architecture ("personality") reported by uname(2) in the container.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack {--quiet,-q}'[Turns off any status output by the tool itself.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack {--help,-h}'[Print a short help text and exit.]' \
4433c995c77b66f42fe4a238aff6b53706628a2eDaniel Mack '--version[Print a short version string and exit.]'