Re: Escaping path in run0 option argument

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks for the help. I tested it out (using sed to escape backslashes and quotes) and it seems to work perfectly.




On Thursday, March 13th, 2025 at 10:26 AM, Andrei Borzenkov <arvidjaar@xxxxxxxxx> wrote:

> 
> 
> On Thu, Mar 13, 2025 at 4:54 PM Daniel Hast hast.daniel@xxxxxxxxxxxxxx wrote:
> 
> > Hello,
> > 
> > I'm working on a shell script that makes use of run0, and I'm having trouble figuring out how to escape a file path in the --property option. I want to use --property="ProtectSystem=strict" and --property="ReadWritePaths=[...]" to limit the transient service unit's write access to only the files it needs access to (as a sandboxing measure), but one of the paths comes from user input and could have any characters that are valid in a file path (including spaces and, in principle, any Unicode characters except NUL), so it needs to be escaped.
> > 
> > I'm aware of systemd-escape but I'm unsure of how to use it with arguments to run0; if I simply do something like --property="ReadWritePaths=$(systemd-escape --path "$filename")", I get an error: "Failed to start transient service unit: Invalid ReadWritePaths". But if I pass in an unescaped filename with spaces, I also get this error. What's the right way to do this?
> 
> 
> Yes, the rules are not apparently documented.
> 
> Looking in sources, the values are quoted using '...' or "...". My
> understanding is that '\' can be used to escape quote character
> itself.
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux