[systemd-devel] Supporting ExecStartPre= and friends in `systemctl set-property` or `systemd-run -p`

Richard Maw richard.maw at codethink.co.uk
Fri May 15 05:45:01 PDT 2015 

On Fri, May 15, 2015 at 12:40:56PM +0200, Lennart Poettering wrote:
> On Fri, 15.05.15 11:36, Richard Maw (richard.maw at codethink.co.uk) wrote:
> > Is there precedent in any other commonly used command that could be used
> > instead? I've never seen anything that required escaping like this before, and
> > I'd prefer something that had common behaviour with something that is already
> > used.
> 
> Yes, find uses ; as separator, which you have to escape as \;.

That escapes the shell-level parsing, but not the exec argument level escaping.

There's no way to embed a ; inside the command you want to run. Given this
contrived example to print a semicolon before every file in a directory.

    $ mkdir tmp
    $ cd tmp
    $ touch file
    $ find . -type f -exec echo ';' {} \;
    find: paths must precede expression: {}
    Usage: find [-H] [-L] [-P] [-Olevel] [-D help|tree|search|stat|rates|opt|exec] [path...] [expression]
    $ find . -type f -exec echo '\;' {} \;
    \; ./file
    $ find . -type f -exec sh -c 'echo \; $1' - {} \;
    ; ./file

I'm not sure escaping the ; in the find command is a fair comparison as it's
just the first of the levels of parsing involved.

> > 3.  Require that if users need to embed the separator in their command, that
> >     they use `sh -c`.
> > 
> >     systemd-run --name=foo.service /bin/sh -c '/bin/foo arg -- arg2' -- \
> >                 --name=bar.service -p Nice=80 /bin/bar -- \
> >                 -p Nice=20 --name=bazz.service
> >                 /bin/sh -c '/usr/bin/bazz arg1 -- arg2'
> 
> Well, that's always the last resort option... But of course, I think
> I'd prefer if we didn't require something like this.

I think find gets away with its escaping because escaping shell characters when
they need to be part of a command-line is a well-known gotcha, and the escape
character chosen is sufficiently unusual that the ugly `sh -c` work-around is
sufficient when it becomes a problem.

For this reason I think using ';' as a separator would be more appropriate than
--, as people familiar with find are familiar with needing to escape it, and
it's sufficiently rare that it is needed as an argument to the command that
should be run, despite how ugly it is to use.

More information about the systemd-devel mailing list