Re: [systemd-devel] systemctl escaping of unit names
On Tue, 08.07.14 00:22, Michael Biebl (mbi...@gmail.com) wrote: 2014-07-07 23:50 GMT+02:00 Michael Biebl mbi...@gmail.com: 2014-07-07 22:54 GMT+02:00 Lennart Poettering lenn...@poettering.net: I have now committed your original patch and beefed it up considerably. Added Zbigniew's --template= switch, and a couple of other things. Also added docs, with a few examples. http://www.freedesktop.org/software/systemd/man/systemd-escape.html Very nice, thanks a lot! Would you object moving that helper to rootbindir so it can be used from within udev rules without having to worry if /usr is a separate partition. Not thrilled about moving more stuff to the root dir, but well... IIRC you have commit access: fix it! Thanks, Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
Am 08.07.2014 14:14 schrieb Lennart Poettering lenn...@poettering.net: On Tue, 08.07.14 00:22, Michael Biebl (mbi...@gmail.com) wrote: 2014-07-07 23:50 GMT+02:00 Michael Biebl mbi...@gmail.com: 2014-07-07 22:54 GMT+02:00 Lennart Poettering lenn...@poettering.net : I have now committed your original patch and beefed it up considerably. Added Zbigniew's --template= switch, and a couple of other things. Also added docs, with a few examples. http://www.freedesktop.org/software/systemd/man/systemd-escape.html Very nice, thanks a lot! Would you object moving that helper to rootbindir so it can be used from within udev rules without having to worry if /usr is a separate partition. Not thrilled about moving more stuff to the root dir, but well... IIRC you have commit access: fix it! Done. Thanks again! ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
On Sun, 06.07.14 22:28, Michael Biebl (mbi...@gmail.com) wrote: +if (argc != 2) { +log_error(This program requires on argument.); +return EXIT_FAILURE; +} + +escaped_name = unit_name_escape(argv[1]); I'd prefer if we'd do this for all arguments passed. Also, as mentioned earlier, please also add a switch for undoing escaping, and even better also for simply unit_name_mangle() logic. Also, --help, man page, ... Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
On Mon, 07.07.14 12:50, Lennart Poettering (lenn...@poettering.net) wrote: On Sun, 06.07.14 22:28, Michael Biebl (mbi...@gmail.com) wrote: +if (argc != 2) { +log_error(This program requires on argument.); +return EXIT_FAILURE; +} + +escaped_name = unit_name_escape(argv[1]); I'd prefer if we'd do this for all arguments passed. Also, as mentioned earlier, please also add a switch for undoing escaping, and even better also for simply unit_name_mangle() logic. Also, --help, man page, ... I have now committed your original patch and beefed it up considerably. Added Zbigniew's --template= switch, and a couple of other things. Also added docs, with a few examples. http://www.freedesktop.org/software/systemd/man/systemd-escape.html Enjoy! Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
2014-07-07 22:54 GMT+02:00 Lennart Poettering lenn...@poettering.net: I have now committed your original patch and beefed it up considerably. Added Zbigniew's --template= switch, and a couple of other things. Also added docs, with a few examples. http://www.freedesktop.org/software/systemd/man/systemd-escape.html Very nice, thanks a lot! -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] systemctl escaping of unit names
Hello everybody, I join this mailing list because I want to discuss extending systemctl with a method to escape unit names. Currently systemd and systemctl deal with escaped unit names but there are many potential name sources which doesn't have out-of-the-box escaping methods. The issue is a Debian bug related to a service unit for a network device [0]. Current situation * systemctl somewhat supports escaping of paths for the unit types device and mount (in function unit_name_mangle). * systemctl prevents broken unit names by escaping invalid characters, but doesn't escape in a transparent way clear_name-escaped_name (it isn't supposed to do that, because ready-to-use i. e. escaped unit names are expected) * systemd does not provide access to the escaping methods in a practical way for most environments. Although the escape mechanism is documented, have systemd integrators implement it by themself has some disadvantages: 1. It can't be simply done in shell only. 2. Lots of independently created escapes potentially lead to errors, which can cause various effects up to security risks or system hangs. Proposal 1. Extend systemctl unit name interpretation with a syntax to escape in controlled manner, preferably capable of escaping only parts of a given name to support compound names with verbatim content (given by users typing anything they imagine in their GUI). 2. The syntax must match this criteria * no valid C escaped string (to clearly distinguish valid names) * a possible end token could be easily preencoded in shell and common languages 3. Document this. Possible syntax: Start token: '\' + '#' + number of characters to be encoded (C-lib-parsed) + '#' End token: none ;-) Example 1 (UTF-8, decimal number): Raw: tunnel_\#14#Nürnberg-Link.device Escaped: tunnel_N\xC3\xBCrnberg\x2DLink.device Example 2 (Latin1, hex number) Raw: tunnel_\#0xD#Nürnberg-Link.device Escaped: tunnel_N\xFCrnberg\x2DLink.device In POSIX shell: name=Nürnberg-Link LC_ALL=C systemctl start tunnel_\\#${#name}#${name}.device Reasons I and possible more in the world are really tired of implementing nested escapes. Therefore the approach is to give the number of characters instead of any end token. This is friendly to programmers and CPUs, isn't it? Any objections? Regards, Gero [0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747044 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
On Sun, Jul 06, 2014 at 04:01:52PM +0200, Gero Treuner wrote: Hello everybody, I join this mailing list because I want to discuss extending systemctl with a method to escape unit names. Currently systemd and systemctl deal with escaped unit names but there are many potential name sources which doesn't have out-of-the-box escaping methods. The issue is a Debian bug related to a service unit for a network device [0]. Current situation * systemctl somewhat supports escaping of paths for the unit types device and mount (in function unit_name_mangle). * systemctl prevents broken unit names by escaping invalid characters, but doesn't escape in a transparent way clear_name-escaped_name (it isn't supposed to do that, because ready-to-use i. e. escaped unit names are expected) * systemd does not provide access to the escaping methods in a practical way for most environments. Although the escape mechanism is documented, have systemd integrators implement it by themself has some disadvantages: 1. It can't be simply done in shell only. 2. Lots of independently created escapes potentially lead to errors, which can cause various effects up to security risks or system hangs. Proposal 1. Extend systemctl unit name interpretation with a syntax to escape in controlled manner, preferably capable of escaping only parts of a given name to support compound names with verbatim content (given by users typing anything they imagine in their GUI). Hi, this is not useful. The *instance* part is escaped, because it refers to file system paths and other things which are not controlled by systemd or by users of systemd. Unit *names* are controlled, so it's much more productive to simply set some rules which limit what is allowed. All units have a free-text Description= field, which can hold whatever the user wants. I and possible more in the world are really tired of implementing nested escapes. This is a good reason to implement a helper in systemctl... Therefore the approach is to give the number of characters instead of any end token. This is friendly to programmers and CPUs, isn't it? ... no, a few extra cycles spent on string processing do not really matter. [0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747044 Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
On Sun, 06.07.14 16:01, Gero Treuner (gt_18_lists.freedesktop@innocircle.com) wrote: 1. Extend systemctl unit name interpretation with a syntax to escape in controlled manner, preferably capable of escaping only parts of a given name to support compound names with verbatim content (given by users typing anything they imagine in their GUI). 2. The syntax must match this criteria * no valid C escaped string (to clearly distinguish valid names) * a possible end token could be easily preencoded in shell and common languages 3. Document this. Possible syntax: Start token: '\' + '#' + number of characters to be encoded (C-lib-parsed) + '#' End token: none ;-) Example 1 (UTF-8, decimal number): Raw: tunnel_\#14#Nürnberg-Link.device Escaped: tunnel_N\xC3\xBCrnberg\x2DLink.device Example 2 (Latin1, hex number) Raw: tunnel_\#0xD#Nürnberg-Link.device Escaped: tunnel_N\xFCrnberg\x2DLink.device In POSIX shell: name=Nürnberg-Link LC_ALL=C systemctl start tunnel_\\#${#name}#${name}.device Reasons I and possible more in the world are really tired of implementing nested escapes. Therefore the approach is to give the number of characters instead of any end token. This is friendly to programmers and CPUs, isn't it? I'd prefer if we wouldn't make things more complex by inventing new syntaxes. I think I'd prefer if we'd simply add a new tool systemd-escape which escapes or unescapes all parameters, depending on some switch. (And maybe we could even add an extra switch to allow users to query whant unit_name_mangle() would normally do, without actually using it immediately.) With that in place you could then do: systemctl status foobar@$(systemctl-escape $XYZ).service Which feels quite OK to me, and is reasonably simple to understand. (And I think I would prefer this as seperate tool from systemctl -- and not just as new verbs), since this appears to not be directly related to what systemctl otherwise does which is control the system...) Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
2014-07-06 22:12 GMT+02:00 Lennart Poettering lenn...@poettering.net: (And I think I would prefer this as seperate tool from systemctl -- and not just as new verbs), since this appears to not be directly related to what systemctl otherwise does which is control the system...) I ended up with something like this. See attached patch. I've put it in /lib/systemd/ as I wasn't sure at that time that it would be accepted upstream so I didn't want to put it in $PATH If there is consensus, I'll just move it from rootlibexec_PROGRAMS to rootbin_PROGRAMS Cheers, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? From c8d500e547063b0d0480d34869ee6fd97ec0e01a Mon Sep 17 00:00:00 2001 From: Michael Biebl bi...@debian.org Date: Wed, 4 Jun 2014 01:57:11 +0200 Subject: [PATCH] Add systemd-escape helper --- Makefile.am | 8 src/escape/escape.c | 25 + 2 files changed, 33 insertions(+) create mode 100644 src/escape/escape.c diff --git a/Makefile.am b/Makefile.am index 8af619c..9b319c9 100644 --- a/Makefile.am +++ b/Makefile.am @@ -349,6 +349,7 @@ dist_kernelinstall_SCRIPTS = \ rootlibexec_PROGRAMS = \ systemd \ + systemd-escape \ systemd-cgroups-agent \ systemd-initctl \ systemd-update-utmp \ @@ -2003,6 +2004,13 @@ systemd_cgroups_agent_LDADD = \ libsystemd-shared.la # -- +systemd_escape_SOURCES = \ + src/escape/escape.c + +systemd_escape_LDADD = \ + libsystemd-shared.la +# - + systemctl_SOURCES = \ src/systemctl/systemctl.c diff --git a/src/escape/escape.c b/src/escape/escape.c new file mode 100644 index 000..1db6a0f --- /dev/null +++ b/src/escape/escape.c @@ -0,0 +1,25 @@ +#include stdio.h +#include stdlib.h + +#include log.h +#include unit-name.h + +int main(int argc, char *argv[]) { +char *escaped_name = NULL; + +if (argc != 2) { +log_error(This program requires on argument.); +return EXIT_FAILURE; +} + +escaped_name = unit_name_escape(argv[1]); + +if (!escaped_name) { +log_error(Failed to escape name.); +return EXIT_FAILURE; +} + +printf(%s, escaped_name); + +return EXIT_SUCCESS; +} -- 2.0.1 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
2014-07-06 22:28 GMT+02:00 Michael Biebl mbi...@gmail.com: If there is consensus, I'll just move it from rootlibexec_PROGRAMS to rootbin_PROGRAMS And moving it to $PATH probably means adding a short man page -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
On Sun, Jul 06, 2014 at 10:28:55PM +0200, Michael Biebl wrote: +#include stdio.h +#include stdlib.h + +#include log.h +#include unit-name.h + +int main(int argc, char *argv[]) { +char *escaped_name = NULL; + +if (argc != 2) { +log_error(This program requires on argument.); an or one? +return EXIT_FAILURE; +} + +escaped_name = unit_name_escape(argv[1]); + +if (!escaped_name) { +log_error(Failed to escape name.); Maybe just log_oom()? +return EXIT_FAILURE; +} + +printf(%s, escaped_name); + +return EXIT_SUCCESS; What about adding a --template parameter, to be used as systemd-escape --template myunit@.service /some/path - myunit@some-path.service ? Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemctl escaping of unit names
2014-07-06 23:22 GMT+02:00 Zbigniew Jędrzejewski-Szmek zbys...@in.waw.pl: On Sun, Jul 06, 2014 at 10:28:55PM +0200, Michael Biebl wrote: +#include stdio.h +#include stdlib.h + +#include log.h +#include unit-name.h + +int main(int argc, char *argv[]) { +char *escaped_name = NULL; + +if (argc != 2) { +log_error(This program requires on argument.); an or one? Ah, right. Thanks for spotting that typo. +return EXIT_FAILURE; +} + +escaped_name = unit_name_escape(argv[1]); + +if (!escaped_name) { +log_error(Failed to escape name.); Maybe just log_oom()? Ok. +return EXIT_FAILURE; +} + +printf(%s, escaped_name); + +return EXIT_SUCCESS; What about adding a --template parameter, to be used as systemd-escape --template myunit@.service /some/path - myunit@some-path.service Why not. Let me add that including a short man page. Cheers, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel