Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow comments in rules file #111

Closed
Sec42 opened this issue Aug 13, 2016 · 9 comments
Closed

allow comments in rules file #111

Sec42 opened this issue Aug 13, 2016 · 9 comments
Labels
RFE
Milestone
0.7.x

Comments

@Sec42
Copy link

Sec42 commented Aug 13, 2016

Currently no comments are allowed in the rules files (e.g. lines starting with "#") - this should be allowed
@dkopecek dkopecek added this to the 1.0.x milestone Aug 13, 2016
@dkopecek
Copy link
Member

Thanks for the suggestion. This is certainly a nice to have feature.

@ilf
Copy link

ilf commented Nov 11, 2016

Having generated and edited a rule file, I naturally added comment lines, only to discover usbguard would fail starting. I would also like this. :)

@dkopecek
Copy link
Member

@ilf Hi and thanks for the feedback. I guess I'm going to implement this sooner than planned.

@dkopecek dkopecek modified the milestones: 0.6.x, 1.0.x Nov 12, 2016
@Dridi
Copy link
Contributor

Dridi commented Dec 29, 2016

As a side note, empty lines seem to end the parsing prematurely, and silently. I noticed it while playing with usbguard-rule-parser after getting a parsing error on a wannabe comment.

So please support both comments and empty lines :)

@Dridi
Copy link
Contributor

Dridi commented Dec 11, 2017

To anyone interested, I did some testing on 0.7.1 because I initially thought that #209 solved this issue. Doing some testing with a bunch of devices and twisting my rules to make sure that I'm not weakening my setup I came to the conclusion that empty lines are indeed supported.

The usbguard-rule-parser program on the other hand doesn't use the same code to parse rules files, and silently ignores whatever comes after the first empty line.

This ignores empty lines:

usbguard/src/Library/RuleSetPrivate.cpp

Lines 87 to 89 in 6b7863a

if (rule) {
appendRule(rule);
}

This stops on the first empty line:

usbguard/src/CLI/usbguard-rule-parser.cpp

Lines 104 to 106 in e7f984b

if (rule_spec.empty()) {
break;
}

While we still don't have comments in rules files, I can easily identify most of my devices by simply separating them with empty lines (there's one device I couldn't identify easily that took some plugging and unplugging to figure out=).

@bduff-sjm
Copy link

Also, it would be nice if it had the usual "rules.d" sort of directory, so /etc/usbguard/rules.d/*.conf would be processed in lexical order.

@dkopecek dkopecek modified the milestones: 0.6.x, 0.7.x Jul 24, 2018
Dridi added a commit to Dridi/usbguard that referenced this issue Jul 24, 2018
@Dridi
Skip empty lines in usbguard-rule-parser
ed44bef 
This keeps the output consistent with how usbguard itself behaves.

References USBGuard#111
@Dridi Dridi mentioned this issue Jul 24, 2018
Merged
@jk-1
Copy link

jk-1 commented Jan 6, 2019

Is this comment support already implemented? I tried v 0.7.2 and it does not have support for comments in rules.conf file.

@Dridi
Copy link
Contributor

Dridi commented Jan 6, 2019
edited

Unfortunately 09be6dc is not part of a release, it was pushed on July 24th and the last release was on July 12th.

I'm very much waiting for the next release to finally get comments in my setup. My concern is that the last code update on the master branch was in October :(

@jk-1
Copy link

jk-1 commented Jan 7, 2019

OK, hopefully it is coming soon, because long configuration files without any comments are extremely hard to maintain.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
RFE
Projects
None yet
Milestone
0.7.x
Development

No branches or pull requests
6 participants
@ilf @Sec42 @Dridi @dkopecek @jk-1 @bduff-sjm