On Wed, Sep 01, 2021 at 11:14:15AM +0200, Claudio Jeker wrote: > On Tue, Aug 31, 2021 at 02:23:57PM +0200, Claudio Jeker wrote: > > RPKI repository can only include a few specific files, everything else is > > just ignored and deleted after every fetch. Since openrsync supports > > --exclude-file now we can use this to limit what is actually accepted by > > the client. > > > > I used a config file in /etc/rpki instead of using multiple --exclude / > > --include arguments. Mostly to keep the execvp argv short. > > > > What you think? > > It seems using a config file to keep the argv list short is too > controversial and all alternate suggestions are worse. > So just add the include/exclude list as arguments.
Looks good. $ ps axuwww | fgrep rsync _rpki-cl 85084 0.0 0.0 816 1500 p4 S+pU 10:51AM 0:00.01 rpki-client: rsync (rpki-client) _rpki-cl 5288 0.8 0.1 16228 17576 p4 R+pU/1 10:52AM 0:06.85 openrsync -rt --no-motd --timeout=180 --include=* --include=*.cer --include=*.crl --include=*.gbr --include=*.mft --include=*.roa --exclude=* rsync://rpki.arin.net/repository rsync/rpki.arin.net/repository OK job@