I don't understand -- why would people edit this file? If this list is in argv, it will be difficult to identify targets using ps, because the hostname is way at the end.
Job Snijders <[email protected]> wrote: > Hi, > > I don't think this should be user configurable. > > If folks remove entries like "+ *.crl" it breaks things. > If folks add entries like "+ *.mp3" it wastes network bandwidth. :-) > > Let's use "--include" and "--exclude" instead. > > kind regards, > > Job > > On Tue, Aug 31, 2021 at 02:23:57PM +0200, Claudio Jeker wrote: > > RPKI repository can only include a few specific files, everything else is > > just ignored and deleted after every fetch. Since openrsync supports > > --exclude-file now we can use this to limit what is actually accepted by > > the client. > > > > I used a config file in /etc/rpki instead of using multiple --exclude / > > --include arguments. Mostly to keep the execvp argv short. > > > > What you think? > > -- > > :wq Claudio > > > > Index: etc/Makefile > > =================================================================== > > RCS file: /cvs/src/etc/Makefile,v > > retrieving revision 1.484 > > diff -u -p -r1.484 Makefile > > --- etc/Makefile 1 May 2021 16:11:07 -0000 1.484 > > +++ etc/Makefile 31 Aug 2021 12:17:40 -0000 > > @@ -156,7 +156,7 @@ distribution-etc-root-var: distrib-dirs > > ${DESTDIR}/etc/ppp > > cd rpki; \ > > ${INSTALL} -c -o root -g wheel -m 644 \ > > - afrinic.tal apnic.tal lacnic.tal ripe.tal \ > > + afrinic.tal apnic.tal lacnic.tal ripe.tal rsync.filter \ > > ${DESTDIR}/etc/rpki > > cd examples; \ > > ${INSTALL} -c -o root -g wheel -m 644 ${EXAMPLES} \ > > Index: etc/rpki/rsync.filter > > =================================================================== > > RCS file: etc/rpki/rsync.filter > > diff -N etc/rpki/rsync.filter > > --- /dev/null 1 Jan 1970 00:00:00 -0000 > > +++ etc/rpki/rsync.filter 31 Aug 2021 12:09:24 -0000 > > @@ -0,0 +1,7 @@ > > ++ */ > > ++ *.cer > > ++ *.crl > > ++ *.gbr > > ++ *.mft > > ++ *.roa > > +- * > > Index: usr.sbin/rpki-client/rsync.c > > =================================================================== > > RCS file: /cvs/src/usr.sbin/rpki-client/rsync.c,v > > retrieving revision 1.24 > > diff -u -p -r1.24 rsync.c > > --- usr.sbin/rpki-client/rsync.c 19 Apr 2021 17:04:35 -0000 1.24 > > +++ usr.sbin/rpki-client/rsync.c 31 Aug 2021 12:17:11 -0000 > > @@ -279,6 +279,8 @@ proc_rsync(char *prog, char *bind_addr, > > args[i++] = "--no-motd"; > > args[i++] = "--timeout"; > > args[i++] = "180"; > > + args[i++] = "--exclude-from"; > > + args[i++] = "/etc/rpki/rsync.filter"; > > if (bind_addr != NULL) { > > args[i++] = "--address"; > > args[i++] = (char *)bind_addr; > > >
