blob: 9e4babfce086718b9f7eccb1e28071bf8b8f564a [file] [log] [blame]
#!/bin/bash
# Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script generates a initrc file that removes any readline keybindings
# not explicitly allowed. It was used to generate
# window_manager/bin/inputrc.crosh, so that crosh can use readline for its line
# editing features, without exposing edit-and-execute-command or the various
# file completion commands.
#
# To regenerate the inputrc file, run...
#
# $ bind -p | make-safe-initrc > inputrc
#
# Unfortunately this command line cannot be scripted because `bind -p` only
# prints the keybindings from the current environment, and in the context of
# a script there are no keybindings.
#
# The blocked commands are commented out below for reference only.
# Only the non-commented commands will be included in the actual allowlist.
# Any commands found in the `bind -p` output not on that list will be remapped
# to the "abort" readline command.
#
# This list of commands was initially generated with `bind -l`.
ALLOWLIST="$(grep -v "#" <<EOF
abort
accept-line
#alias-expand-line
#arrow-key-prefix
#backward-byte
backward-char
backward-delete-char
backward-kill-line
backward-kill-word
backward-word
beginning-of-history
beginning-of-line
#call-last-kbd-macro
capitalize-word
character-search
character-search-backward
clear-screen
#complete
#complete-command
#complete-filename
#complete-hostname
#complete-into-braces
#complete-username
#complete-variable
copy-backward-word
copy-forward-word
copy-region-as-kill
delete-char
delete-char-or-list
delete-horizontal-space
digit-argument
#display-shell-version
do-lowercase-version
downcase-word
#dump-functions
#dump-macros
#dump-variables
dynamic-complete-history
#edit-and-execute-command
#emacs-editing-mode
#end-kbd-macro
end-of-history
end-of-line
exchange-point-and-mark
forward-backward-delete-char
forward-byte
forward-char
forward-search-history
forward-word
#glob-complete-word
#glob-expand-word
#glob-list-expansions
#history-and-alias-expand-line
history-expand-line
history-search-backward
history-search-forward
#insert-comment
#insert-completions
insert-last-argument
kill-line
kill-region
kill-whole-line
kill-word
#magic-space
#menu-complete
next-history
non-incremental-forward-search-history
non-incremental-forward-search-history-again
non-incremental-reverse-search-history
non-incremental-reverse-search-history-again
operate-and-get-next
overwrite-mode
#possible-command-completions
#possible-completions
#possible-filename-completions
#possible-hostname-completions
#possible-username-completions
#possible-variable-completions
previous-history
quoted-insert
#re-read-init-file
redraw-current-line
reverse-search-history
revert-line
self-insert
set-mark
#shell-expand-line
#start-kbd-macro
tab-insert
#tilde-expand
transpose-chars
transpose-words
#tty-status
undo
universal-argument
unix-filename-rubout
unix-line-discard
unix-word-rubout
upcase-word
#vi-append-eol
#vi-append-mode
#vi-arg-digit
#vi-bWord
#vi-back-to-indent
#vi-bword
#vi-change-case
#vi-change-char
#vi-change-to
#vi-char-search
#vi-column
#vi-complete
#vi-delete
#vi-delete-to
#vi-eWord
#vi-editing-mode
#vi-end-word
#vi-eof-maybe
#vi-eword
#vi-fWord
#vi-fetch-history
#vi-first-print
#vi-fword
#vi-goto-mark
#vi-insert-beg
#vi-insertion-mode
#vi-match
#vi-movement-mode
#vi-next-word
#vi-overstrike
#vi-overstrike-delete
#vi-prev-word
#vi-put
#vi-redo
#vi-replace
#vi-rubout
#vi-search
#vi-search-again
#vi-set-mark
#vi-subst
#vi-tilde-expand
#vi-yank-arg
#vi-yank-to
yank
yank-last-arg
yank-nth-arg
yank-pop
EOF
)"
if [ -t 0 ]; then
echo "Usage: bind -p | $0 > inputrc"
exit
fi
# Remove any commands that are not bound to a key.
BINDINGS="$(cat | grep -v "not bound")"
# Remove any allowed commands from the list of bindings.
for safecommand in ${ALLOWLIST}; do
BINDINGS="$(echo "${BINDINGS}" | grep -v ": ${safecommand}\$")"
done
# Anything left is not allowed, remap it to the "abort" command.
echo "# Generated with $(basename $0) on $(date)"
echo "${BINDINGS}" | sed 's/\([^:]\+\):\(.*\)$/\1: abort #\2/'
echo
echo "set expand-tilde off"
echo "set disable-completion on"