Job Snijders wrote:
> On Wed, Sep 01, 2021 at 11:14:15AM +0200, Claudio Jeker wrote:
> > On Tue, Aug 31, 2021 at 02:23:57PM +0200, Claudio Jeker wrote:
> > > RPKI repository can only include a few specific files, everything else is
> > > just ignored and deleted after every fetch. Since
On Wed, Sep 01, 2021 at 11:14:15AM +0200, Claudio Jeker wrote:
> On Tue, Aug 31, 2021 at 02:23:57PM +0200, Claudio Jeker wrote:
> > RPKI repository can only include a few specific files, everything else is
> > just ignored and deleted after every fetch. Since openrsync supports
> > --exclude-file
On Tue, Aug 31, 2021 at 02:23:57PM +0200, Claudio Jeker wrote:
> RPKI repository can only include a few specific files, everything else is
> just ignored and deleted after every fetch. Since openrsync supports
> --exclude-file now we can use this to limit what is actually accepted by
> the
Theo de Raadt(dera...@openbsd.org) on 2021.08.31 11:09:22 -0600:
> I don't understand -- why would people edit this file?
>
> If this list is in argv, it will be difficult to identify targets using
> ps, because the hostname is way at the end.
Yes.
If we worry about people touching it,
I don't understand -- why would people edit this file?
If this list is in argv, it will be difficult to identify targets using
ps, because the hostname is way at the end.
Job Snijders wrote:
> Hi,
>
> I don't think this should be user configurable.
>
> If folks remove entries like "+ *.crl"
Hi,
I don't think this should be user configurable.
If folks remove entries like "+ *.crl" it breaks things.
If folks add entries like "+ *.mp3" it wastes network bandwidth. :-)
Let's use "--include" and "--exclude" instead.
kind regards,
Job
On Tue, Aug 31, 2021 at 02:23:57PM +0200, Claudio
RPKI repository can only include a few specific files, everything else is
just ignored and deleted after every fetch. Since openrsync supports
--exclude-file now we can use this to limit what is actually accepted by
the client.
I used a config file in /etc/rpki instead of using multiple