[systemd-devel] systemctl escaping of unit names

Gero Treuner gt_18_lists.freedesktop.org at innocircle.com
Sun Jul 6 07:01:52 PDT 2014 

Hello everybody,

I join this mailing list because I want to discuss extending systemctl
with a method to escape unit names. Currently systemd and systemctl
deal with escaped unit names but there are many potential name sources
which doesn't have out-of-the-box escaping methods.

The issue is a Debian bug related to a service unit for a network
device [0].


Current situation

* systemctl somewhat supports escaping of paths for the unit types
  device and mount (in function unit_name_mangle).

* systemctl prevents broken unit names by escaping invalid characters,
  but doesn't escape in a transparent way clear_name->escaped_name
  (it isn't supposed to do that, because "ready-to-use" i. e. escaped
  unit names are expected)

* systemd does not provide access to the escaping methods in a
  practical way for most environments. Although the escape mechanism is
  documented, have systemd integrators implement it by themself has some
  disadvantages:
  1. It can't be simply done in shell only.
  2. Lots of independently created escapes potentially lead to errors,
     which can cause various effects up to security risks or system
     hangs.


Proposal

1. Extend systemctl unit name interpretation with a syntax to escape in
   controlled manner, preferably capable of escaping only parts of a
   given name to support compound names with verbatim content (given by
   users typing anything they imagine in their GUI).

2. The syntax must match this criteria
   * no valid C escaped string (to clearly distinguish valid names)
   * a possible end token could be easily preencoded in shell and
     common languages

3. Document this.

Possible syntax:
Start token: '\' + '#' + number of characters to be encoded (C-lib-parsed) + '#'
End token:   none ;-)

Example 1 (UTF-8, decimal number):
Raw:         tunnel_\#14#Nürnberg-Link.device
Escaped:     tunnel_N\xC3\xBCrnberg\x2DLink.device

Example 2 (Latin1, hex number)
Raw:         tunnel_\#0xD#Nürnberg-Link.device
Escaped:     tunnel_N\xFCrnberg\x2DLink.device

In POSIX shell:
	name="Nürnberg-Link"
	LC_ALL=C
	systemctl start tunnel_\\#${#name}#${name}.device


Reasons

I and possible more in the world are really tired of implementing
nested escapes. Therefore the approach is to give the number of
characters instead of any end token. This is friendly to programmers
and CPUs, isn't it?


Any objections?


Regards,
 Gero


[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747044

More information about the systemd-devel mailing list