nusenu: >>>> I'm generating instance names based on IP addresses_ORport (so they >>>> contain "." and "_") and are therefore filtered by the generator. >>>> >>>> Is it acceptable to add "." and "_" to the whitelist? >>>> >>>> (patches attached) >>> >>> Based on the output of 'systemd-escape' (a tool that escapes strings for >>> use in unit names) it is safe to use "." and "_" in unit names. >> >> I am always wary of allowing dots in anything. Allowing dots and >> thereby also allowing ".." is the origin of many vectors. This doesn't >> necessarily mean that it's a problem here, but it's the reason I usually >> exclude periods from. > > > Since systemd devs deem it safe to use "." (and also "..") in unit files > would you share their opinion or will "." stay excluded? > > You are tending towards not adding it? > Either way it would be nice to have a decision so I could move forward > (either by simply waiting for an package update or if rejected, by > finding a not-to-ugly work around for that limitation). > >> Another is that I want to be able to move foo to foo.disabled or >> foo.bak, and have it not get picked up. > > That does not conflict with the idea to allow dots, yes? For the record: I "solved" this problem by replacing the generator shipped by the debian package. (I added "_" and "." to the list of allowed characters.) On systemd v219 this is rather easy, since replacing package generators is a build in feature of systemd, on debian stable (systemd v215) a dpkg-statoverride "hack" has been used, thanks to Martin Pitt (debian/ubuntu dev) for this hint. https://github.com/nusenu/ansible-relayor/blob/0406395a8758f12abd57914532cc0ff17894d015/tasks/apt_install.yml#L38-L55
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays